How to use the non-standard ports compatible with Cloudflare

Cloudflare says in their article
200169156-Identifying-network-ports-compatible-with-Cloudflare-s-proxy

By default, Cloudflare proxies traffic destined for the HTTP/HTTPS ports listed below.

HTTP ports supported by Cloudflare:

  • 80
  • 8080
  • 8880
  • 2052
  • 2082
  • 2086
  • 2095

but at the bottom of this page Cloudflare also says this:
Cloudflare Access does not support port numbers in URLs. Port numbers are stripped from requests for URLs protected through Cloudflare Access.

I have tested with http://domain.com:8080 and indeed cloudflare removes the 8080 and sends the traffic to domain.com on port 80

So i dont get it, but how do I use one of these other ports? aside from 80 for http or 443 for https (obviously)

Unfortunately, you can’t with Access.

Would Portzilla be an option? As long as something else isn’t already running on Port 80 for that domain, I’d expect this to work.

1 Like

Those are HTTP ports not HTTPS, Cloudflare doesn’t support any HTTP ports with Access. If any actually work it’s not a feature and generally a colossally bad idea.

  • Does the application behind Access need to use HTTPS? Yes. Cloudflare Access only secures applications that use HTTPS.
  • Can Access enforce rules on a specific, nonstandard, port? No. Cloudflare Access cannot enforce a rule that would contain a port appended to the URL.However, you can use Cloudflare Argo Tunnel to point traffic to nonstandard ports. For example, if Jira is available at port 8443 on your origin, you can proxy traffic to that port via with Argo Tunnel.
4 Likes

Did Access actually show up on Port 80 for this request?

ok, I just used half the help article as an example, its exactly the same question with the HTTPS ports mentioned, so my question is the same, how do we use any of these ports except for 443?

You can use Argo tunnel to map to a port on the origin server that isn’t 443, but through Cloudflare itself that’s not supported today.

2 Likes