How do I turn off WAF, or configure the ruleset?

I’m just trying out Cloudflare for the first time, with a single test domain, on a free plan. The VPS I’m managing has ports 25, 80, 443, and a single high port (7000+) open. The high port is for ssh.

Problem: I can ssh in using the IP address, but not the domain name. A port scan shows the port is open when scanning the IP address, but filtered when using the domain name (ssh must be used with the domain name, and not the IP address, for complex reasons).

I can’t find a way to tell Cloudflare to disable this behaviour. Under Security > WAF > Managed Rules, all I see is essentially an advertising message telling me that customers are getting a managed rule set ‘today’. If I click on ‘today’, I get more details, but the screenshot under ‘The free Cloudflare managed rule set’ shows much more detail than I can see, and implies that the ruleset can be configured.

Any ideas? Thanks.

This isn’t related to the WAF at all - proxied records only pass HTTP/HTTPS traffic and only for specific ports.

https://developers.cloudflare.com/fundamentals/get-started/reference/network-ports/

If you want SSH access, you need to use something like Spectrum or Cloudflare Tunnels.

https://developers.cloudflare.com/spectrum/

https://developers.cloudflare.com/cloudflare-one/tutorials/ssh/

1 Like

Great - thanks. Turning off the proxy does get me access.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.