How do i forward to a ip with a port number?


#1

I signed up for a free account with cloudflare

I have a basic website server and a application with tomcat

I want mydomain.com to point to myip:8080
and platform.mydomain to point to myip:8090

how can i do this what exactly are the dns records i need to set up

I am using these ports because my isp is blocking all trafic at port 80

I don’t care if my ip gets revealed through srv recods, i just want to know how to do it exactly


#2

That sounds like this issue:

I’m not sure a SRV record will work the way you want it to. I think @MarkMeyer knows how SRV records work. @cscharff definitely should know this. Maybe.


#3

thanks for the reply,

what other alternatives are out there other than cloudflare

surely there’s a provider that will give me a free ssl and allow me to point my domain to my ip with a port


#4

v rec?


#5

If both services are HTTP based, the typical way to do what you want is to simply have a front proxy (like Nginx) that based on “server_name” will proxy_pass to either backends.

However, if you don’t have to have the second port specifically 8090, the Cloudflare forwards other ports besides 8080 and 80: you also have 8880, 2052, 2082, 2086, 2095.

If it’s not HTTP based, Cloudflare cannot proxy it anyway, so you can just have the “orange cloud” turned off, and your real IP will be published and nothing is special, and it will work. No SRV required…

If however what you really want (which was not explicitly said in your opening message) is that port 80 (or https/443) to be accessed by your users and Cloudflare going to another port on the backend, I think that the only solution Cloudflare has to offer is this: https://www.cloudflare.com/products/argo-tunnel/. That one costs money though.

It’s probably cheaper to just switch to an ISP which provides “the whole Internet service”, and not a sub-set thereof (which in some countries may even be illegal due to net neutrality laws). Also, maybe they block 80 but not 443? If they allow 443, it’s also good for you (it’s actually better, because you’ll be able to make your connections secure)


#6

thanks for the reply, very helpful

yes, i will look into different isp’s and see what they offer

another question is i was playing around with ssl but i wanted to disable it so i deleted by when i do https://mydomain.com:8443 i still see that ssl is enabled?

how do i completely shut down ssl so i can do some testing?


#7

8443 is a port for SSL… I don’t know if you can ask Cloudflare to not serve SSL over it… but you can bypass Cloudflare altogether by clicking the orange cloud next to the relevant DNS record in the DNS tab, so it will go directly to your IP. You’ll have to configure your server however also, to serve plain HTTP on an otherwise a port that usually comes with an SSL configuration.


#8

oh i see, i thought 443 was for ssl i guess they both are. but how is it giving me the ssl lock?

i deleted the ssl certificate and all the files and it’s still a green lock?


#9

Well, 443 is the official port for HTTPS. But in the world of limited software (Java, I’m looking at you!), where software cannot bind to port and drop privileges later (what all other web servers do), there has been this “convention” to use “8080” instead of “80” and “8443” instead of “443”. Those ports are > 1024, so non-administrative users can bind to them. Non-Java servers don’t have this issue; They bind to the < 1024 port, then drop privileges / capabilities.

You still get the green lock if Cloudflare is facing your site because (I think) you deleted certs and everything from your server, but if Cloudflare is in front of you - they’re serving the site - and their SSL certificate. But the connection to your backend (between Cloudflare and you) may not be secure, so this is kind of misleading. You’ll need your SSL mode (in Crypto tab) to be “Flexible” or “Full” but not “Full (strict)” for broken SSL with the backend to work. If it was “strict”, you would get an error from Cloudflare that no secure connection could have been made to your backend.


#10

thanks a million shimi, you’re the best

thanks for clearing up a few things

I’ve decided to stop using cloudflare, and I’m playing around with dynu.com


#11

Good luck :slight_smile:


#12

It works for applications which look it up/respect it/care. So VOIP apps and others use/respect it but I don’t know of a web browser which does. That being said, one could accomplish this with Cloudflare Workers by rewriting the origin URL with the port.