Force all API traffic through Cloudflare with Heroku and Java Spring

Hello,

I am trying to force all calls to my API to go through Cloudflare. I have created an origin certificate and installed it on my Heroku app, and I have changed my SSL/TLS mode to Full (strict). Now I want to force all traffic through Cloudflare, instead of using the example.heroku-app.com domain, but I am unsure how to do that with Java/Spring.

Thanks!

This article: https://www.viget.com/articles/heroku-cloudflare-the-right-way/#encrypt-and-authenticate-communication-between-cloudflare-and-heroku, is what I followed. It has an example of how to force traffic through Cloudflare using Ruby/Rails, but I don’t know how that translates to Java/Spring.

Looking at the example code they provided, all they are doing is checking if the hostname of the request contains Heroku and if the IP they are connecting from is from Cloudflare. I don’t know Java/Spring, but all you need to do is filter the incoming requests on that criteria.

Should I block by using the server name? Could I block by IP? Does the Cloudflare IP change?

You can block on IP, as requests from Cloudflare come from Cloudflare’s IP Ranges.

Ok, I have noticed that the IP addresses on requests from my www.domain.com and domain.com are different. They are both 172.70.XXX.YY and 172.70.XXX.ZZZ. Neither IP address seems to be part of the IP ranges you provided (close to 172.64.0.0/13). What exactly is going on here? I am making these requests through Postman, and then logging the values of the remote host and remote address, which is giving me those IP values.

This is within 172.64.0.0/13

172.64.0.0/13 goes from 172.64.0.0 to 172.71.255.255
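
The IP check discussed in this thread, sketched as a Spring filter. This is an added example, not code from the thread or from the linked article. It assumes Spring Boot 3 (`jakarta.servlet`), a hypothetical class name `CloudflareOnlyFilter`, and that `getRemoteAddr()` returns the connecting address the poster logged; the allow-list holds only the one range quoted above and must be completed from Cloudflare's published IP ranges.

```java
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.List;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

// Added example (hypothetical class): returns 403 for any request whose
// remote address is outside the allowed CIDR blocks.
@Component
public class CloudflareOnlyFilter extends OncePerRequestFilter {

    // Only the range quoted in the thread; add the rest of Cloudflare's published ranges.
    private static final List<String> ALLOWED = List.of("172.64.0.0/13");

    // True when ip lies inside cidr (IPv4 or IPv6): compares the first <prefix> bits.
    static boolean inCidr(String ip, String cidr) throws UnknownHostException {
        String[] parts = cidr.split("/");
        byte[] addr = InetAddress.getByName(ip).getAddress();
        byte[] net = InetAddress.getByName(parts[0]).getAddress();
        int prefix = Integer.parseInt(parts[1]);
        if (addr.length != net.length) return false; // IPv4 address vs IPv6 range, or reverse
        for (int bit = 0; bit < prefix; bit += 8) {
            int remaining = Math.min(8, prefix - bit);
            int mask = (0xFF << (8 - remaining)) & 0xFF; // e.g. /13 -> 0xF8 on the 2nd byte
            if ((addr[bit / 8] & mask) != (net[bit / 8] & mask)) return false;
        }
        return true;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
                                    FilterChain chain) throws ServletException, IOException {
        String peer = req.getRemoteAddr();
        boolean allowed = false;
        for (String cidr : ALLOWED) {
            if (inCidr(peer, cidr)) { allowed = true; break; }
        }
        if (!allowed) {
            res.sendError(HttpServletResponse.SC_FORBIDDEN); // not from an allowed range
            return;
        }
        chain.doFilter(req, res);
    }
}
```

With the /13 mask the second octet is compared on its top five bits only, which is why 172.70.x.y matches 172.64.0.0/13 while 172.72.x.y does not.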
