How can i use my domain-name for api-calls instead of webserver-ip

Hello,
i have a domain which uses the Cloudflare DNS for https. My Problem is, that i can make an api call with my webserver ip, but not with my domain-name. For example:

this works:
https://webserver-ip.com/auth/test

but this not:
https://example.com/auth/test

In Cloudflare i created following dns entries:

Typ: A, Name: example.com, Value: webserver-ip, TTL: auto, Proxy enabled
Typ: CNAME, Name: www, Value: example.com, TTL: auto, Proxy enabled

I can visit my domain and it shows me a valid certificate. Only api calls with my domain name not working. I Have also installed the cloudflare origin certificate.

In my backend iam using Nestjs and have following settings:

const app = await NestFactory.create(MainModule, {
cors: true,
httpsOptions: {
key: keyFile,
cert: certFile,
},
});
app.use(helmet());
app.enableCors({
methods: [‘GET’, ‘POST’, ‘HEAD’],
origin: [
‘http ://example.com’,
‘http ://www.example.com’,
‘http s://example.com’,
‘http s://www.example.com’,
],
allowedHeaders: [‘X-Requested-With’, ‘X-HTTP-Method-Override’, ‘Content-Type’, ‘Accept’, ‘Observe’]
});

Iam not sure what iam doing wrong.

Does it show any type of error? Are you seeing any entries in the Firewall Even Log at dash.cloudflare.com?

In Cloudflare there are no firewall logs yet. If i try to send a request with my domain-name its just loading for a long time and then it says RR_CONNECTION_TIMED_OUT.

What is your SSL encryption mode? Is your API endpoint (on server side, not Cloudflare) only accepts traffic via HTTPS?

1 Like

Hey,

i tried the encryption mode full and full (strict) but without success. My API accepts actually only https. If i change it to allow http, api calls are still only work with webserver ip and not domain name.

Is there any error logs from your server?

No nothing. If i try to make an api-call with my domain name its just loading and loading for approximately 2 minutes and than its shows only RR_CONNECTION_TIMED_OUT.

Well, I don’t have idea. Maybe @MVP can take a look at it.

1 Like

Without actual data (hostname and IP address), we can’t troubleshoot this. I would use ‘curl’ to make the request to the hostname, the IP address, and then with the --connect-to flag (hostname and IP address) to test behavior with the GET or POST payload.

What I see in this thread is an API that only works over HTTPS using a Cloudflare Origin Certificate. Though I’m confused how that would work with the IP address, as Origin Certs aren’t publicly accepted, nor would it match an IP address connection. But if configured for HTTP Only, will work with IP address.

I’m also not sure which Encryption mode you’re currently using. It’s a lot of variables that are changing.

4 Likes

Hey,

thanks for your reply. Iam using the encryption mode “full (strict)”. But i also tried just “full”.
I didnt find a possibility to send you a private message. Then i could send you my domain and webserver ip. Maybe you can find the problem. Is there another way to contact you ?

I think i could fix the above problem.
I used the port 3000 before for my backend. I read somewhere that this port is not supported from cloudflare so i changed it to 8443, which is supported. Now The request with my domain-name are not loading for minutes and also not showing the RR_CONNECTION_TIMED_OUT error.

But it shows now this error:
ERR_SSL_PROTOCOL_ERROR

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.