I’m having a problem configuring CF firewall to accept HTTP traffic on a port other than 80.
In this setup the server runs two services:
- A web site here: https://sit.sbsdigitalmetering.com
- An HTTP listener service here: http://sit.sbsdigitalmetering.com:8100/
I want to configure the WAF to front the web site and permit all HTTP traffic on port 8100 to pass unhindered and unaltered.
With CF switched off all works fine. With CF enabled HTTP traffic to port 8100 is blocked, as expected.
A firewall rule is now added:
tcp.port eq 8100 => Allow
Then: POST http://sit.sbsdigitalmetering.com:8100/api/pico/2/update HTTP/1.1 Content-Type: application/octet-stream
Traffic is still blocked and does not hit the server. I receive an HTTP 502 response (Connection failed).
What steps are required to configure CF to pass HTTP traffic on port 8100 and apply WAF rules otherwise?