Hello.

I have set up my domain (montglane.com) in cloudflare, nameservers working and all the initial set up seems fine. Now I want to limit access to my API only to requests served through cloudflare, so this is what I did:

• Added an A record to api pointing to my server
• Set SSL to Off in cloudflare
• Opened port 6000 in my router and routed it to this server
• Tested that I can reach my dummy app with curl -X GET -i <my-external-ip>:6000
• Enabled development mode and purged all cache
• Added iptable rules to limit access only to cloudflare ips, the rules look like this:
  iptables -I INPUT -p tcp -m tcp -m state --state NEW,ESTABLISHED -s 173.245.48.0/20 -j ACCEPT
ip6tables -I INPUT -p tcp -m tcp -m state --state NEW,ESTABLISHED -s 2400:cb00::/32 -j ACCEPT
  and so on with all the other ips. The last iptable rule is to drop all packets of course.

But now if I try the same curl pointing to api.montglane.com:6000 it times out, as if the request came from another ip. I took the list of ips from here https://www.cloudflare.com/ips/

Am I missing anything obvious?

Cloudflare doesn’t route traffic over Port 6000.

You are of course, right. Thanks for the link Changed to port 80 and it worked directly

This topic was automatically closed after 30 days. New replies are no longer allowed.