I am using the free service
My web site is using www proxied
My app is on a nother server and is at a subdomin. with DNS only and its own SSL
my app uses ports 80 and 443 for https traffic
My app also needs port 5678 open to use for incoming webhoook traffic (no option to change that port)
How can i open port 5678? at this time it looks like Cloudflare wont allow any incoming traffic
I have it DNS only
If you’re using Cloudflare’s free service, which proxies traffic through their network, incoming traffic on non-standard ports like port 5678 may be challenging to configure as the free tier does not support this. Cloudflare’s proxy service primarily focuses on HTTP and HTTPS traffic, so allowing arbitrary incoming traffic on other ports is not supported with the free plan.
To open and allow incoming traffic on port 5678 for your app, you have a few options:
-
Upgrade to a Paid Cloudflare Plan: With a paid Cloudflare plan (such as the Pro plan or higher), you can configure custom firewall rules that allow incoming traffic on non-standard ports. This would give you the flexibility to specify which ports to open for incoming traffic. Review Cloudflare’s paid plans to see if they meet your requirements.
-
Direct DNS Configuration: If you want to keep Cloudflare’s services but still receive incoming traffic on port 5678, you might consider bypassing the Cloudflare proxy for this specific subdomain. Here’s how you can do it:
-
In your Cloudflare dashboard, go to the DNS settings for your subdomain.
-
Set the proxy status to “DNS Only” for that specific subdomain. This will bypass the Cloudflare proxy for that subdomain and allow incoming traffic directly to your server.
-
Configure your server to listen on port 5678 for incoming traffic.
Please note that bypassing the proxy for this subdomain means it won’t benefit from Cloudflare’s security features. Ensure that your server is adequately secured so please keep in mind that by allowing incoming traffic on non-standard ports, you should also consider the security implications and ensure your server and application are adequately protected. It’s essential to implement security measures, like firewalls and access control, to protect your server when allowing traffic on non-standard ports.
Hope this helps!
Ali
Unproxying is good advice if that is an option for the user, with the security issues in mind.
I would just point out, in the interest of not letting someone pay for something they won’t get: Firewall Rules cannot open ports, and no Cloudflare Paid plan can accept traffic on non-standard ports, except Cloudflare Enterprise with Enterprise Spectrum, which is not the normal Proxy per say.
The list of open ports is here: Network ports · Cloudflare Fundamentals docs
Firewall Rules can block traffic coming in with http 403’s on non-standard ports, but not open any not in that list.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.