How to bypass the CDN and send traffic to the origin server with CDN enabled

I have two subdomains I use for my backend services, and they generate a lot of traffic to specific IPs which I don’t want / need Cloudflare to CDN…

Is there a way to make it so that every connection to IP X will bypass the CDN?

That’s not possible…

What about the Cloudflare WAF with bypass rules?

Is it just about not caching anything but keeping other settings like security active?

1 Like

I need traffic between IP X and Y to origin to not be proxied because they generate a lot of traffic…

But I still want to use Cloudflare DNS, hide the origin IP and proxy the traffic to everything else.

Users should see and interact only with a single domain. Anything you do must be transparent.

Use a hosts file on the local machines for those subdomains to bypass Cloudflare and talk to the origin directly.

2 Likes

Can you give examples of that? Are you saying to use the hosts file on my origin server, or on the machines of IP X and Y?

I don’t control them… I could ask them to do that, but I’d rather have a solution that doesn’t rely on cooperation of others

It sounds like you need some internal communication between those two hosts. Since you want it to be

You need some way to hide the subdomains from your users. Therefore you can’t add them to your ‘public’ code as the clients would resolve and ‘reveal’ them. So all this needs to be done in the background by your application. The best way would be to add the hostname to your hosts file as @cscharff suggested earlier. Or re-code your App to connect to these two hosts directly via their IP addresses.

What the hosts file could look like:

    $ cat /etc/hosts
    127.0.0.1 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6
    123.456.78.9 subhost.yourdomain.com

Pretty easy.

1 Like
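A hosts entry with a mistyped address is ignored by the resolver, so the name falls back to public DNS and the traffic goes through the proxy again without any error. The following check is an added example, not part of any reply in this thread: it parses a hosts file, reports invalid entries, and confirms that a name is pinned to the expected origin. The function names, `api.yourdomain.com` and `203.0.113.10` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the hosts file from the thread plus one valid override.
# 203.0.113.10 (documentation range) and api.yourdomain.com are assumptions.
SAMPLE_HOSTS = """\
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
123.456.78.9 subhost.yourdomain.com   # thread's placeholder, not a valid IPv4 address
203.0.113.10 api.yourdomain.com
"""


def parse_hosts(text):
    """Return (overrides, errors): hostname -> address, and [(line_no, reason)]."""
    overrides, errors = {}, []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            errors.append((line_no, "address without hostname"))
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            errors.append((line_no, f"invalid address {fields[0]!r}"))
            continue
        for name in fields[1:]:
            # Keep the first mapping for a name (assumed resolver behaviour).
            overrides.setdefault(name.lower(), addr)
    return overrides, errors


def pinned_to_origin(overrides, hostname, origin_ip):
    """True only if hostname has an override that equals the expected origin."""
    addr = overrides.get(hostname.lower())
    return addr is not None and addr == ipaddress.ip_address(origin_ip)


if __name__ == "__main__":
    overrides, errors = parse_hosts(SAMPLE_HOSTS)
    for line_no, reason in errors:
        print(f"line {line_no}: {reason}")
    for host in ("api.yourdomain.com", "subhost.yourdomain.com"):
        print(host, "pinned:", pinned_to_origin(overrides, host, "203.0.113.10"))
```

Run against the real `/etc/hosts` on each backend machine, it shows whether the override is actually in effect before the proxied DNS record is relied on as the only public path.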

Guess I’m confused how a backend service which is a subdomain of your domain wouldn’t be under your control, or really why a backend service would be making a call to a frontend server.

You can whitelist 3rd party sites that connect to yours, but if the record is :orange: then the value returned for the hostname is a Cloudflare IP, there’s no per URI/URL control at a DNS host level.
