Redirect websocket port 443 requests to port 444 on the server

I have a secure web socket server running on the host on port 444. I can’t use port 443 because Apache is running on the server. I need Cloudflare to forward requests to wss:// to wss:// with the client still seeing the port as 443 so the request won’t get blocked by firewalls that don’t allow non-standard port access. Is this possible? Thanks!

To be clear: I’ve tried adding an Origin rule so that connections to wss:// go to port 444 but it doesn’t seem to work so I’m wondering what I’m missing or if Origin rules only work for http(s).

(Update: The below is incorrect).
This. If you want to do this for non-HTTP traffic you’ll need to look at Spectrum


Ah ok. Thanks for the reponse.

Update: I spoke with @achiel , one of our PMs who knows more about Websockets than I. We confirmed that this should work, and i just set up a demo at home to prove this works:

  • Origin with websocket server listening on port 1337
  • Origin rule to rewrite the destination port from 443 to 1337 when hostname contains ‘wss’

Now when I connect to ws:// I connect straight through to my websocket application:

❯ websocat ws://

Hello  !

The only change I made, mainly because the websocket app on the origin was super lightweight, was to temporarily set the SSL/TLS to flexible for testing purposes (I dont have time to get the certificates imported and loading via the WS application etc :slight_smile: ).

If its not working for you, i’d recommend checking:

  1. Websockets is enabled via the “Network >” tab in the dashboard.
  2. The Origin Rule is triggering correctly, i.e. check the filter to make sure it is correct.


1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.