Scp does not work on cloudflare domains

scp does not work on cloudflare domains.
I can use the following to transfer files to an AWS instance on all domains that are not using Cloudflare.
scp -r -i My-AWS-Key.pem /home/directory/files/* [email protected]:/home/ubuntu/My-configs
How do I stop Cloudflare from blocking the transfer of files to a server?

port 22: Network is unreachable

Right. Cloudflare only proxies HTTP/S unless you’re using Spectrum:

[email protected]:/home/ubuntu/My-configs

You’d have to either grey-cloud, or use the IP address of your origin server instead. I recommend the IP address option.

1 Like

Thanks for the reply.
After further reviews it appears that the http proxy is not working either.

sld.Mydomain – (OMG I can not even post fake a Link)
The page isn’t redirecting properly

The more I look at this the more messed up it is.

"If traffic for your domain is destined for a different port than the ones listed above, for example you have an SSH server that listens for incoming connections on port 22, either:

Change your subdomain to be gray-clouded, via your Cloudflare DNS app, to bypass the Cloudflare network and connect directly to your origin."
  1. Where is the DNS app?
  2. Is this trying to tell me that I can not have a combined web/ssh server and how does that work?
  3. If I have to bypass the Cloudflare network why do I even want Cloudflare in the first place?

When you login to Cloudflare, select your domain and go to DNS.

You absolutely have both a web and ssh server on the same machine with Cloudflare active.

You can use with proxy active to access your webserver and with the DNS-only mode to access your SSH server. That way, you would be able to use most Cloudflare services but have no DDoS protection as your IP would still be public.

If that is not good enough for you, you could also use Cloudflare Zero Trust to create a tunnel for SSH, but that would require additional software on the clients.


Thanks for the reply and helping me out with the DNS. I did not realize that now I essentially have 2 DNS records to configure/worry about.

Unfortunately after configuring the DNS this dies not work. I can not scp or serve http. To make matters worse Cloudflare is reporting " Web server is down" This webserver is not down and is serving all domains that are not configured with the Cloudflare DNS.

I have no idea how to use the “DNS-only mode to access your SSH server”

Can you tell us the domain that is not working and show a screenshot of what you have done in your Cloudflare DNS Dashboard?

Using Cloudflare does not work.

Same server and ip deployment without cloudflare works.

I was able to get the scp to work using domain only but I am not able to deploy a website using cloudflare

Why isn’t Cloudflare working?

Make sure, in the dashboard under SSL/TLS, your mode is set to “Full (strict)”.

I turned off the encryption so that I could make sure that was not blocking me. When that works I will attempt to get SSL working.

You’re redirecting http to https, and https is redirecting back to http. Change the mode to “Full (strict)” and see if that works. If you want to shut off the encryption you would need to also shut off the redirect, because right now you’re not serving the site via http.

That does not work either and now thanks to Cloudflare my working site without any Cloudflare is giving me a big red “Deceptive site ahead”

Everything was working before I started messing with Cloudflare

The cloudFlare gives me 404 page not found.
This error appears to be comming from my traefik router. As expected it i not encrypted since I have not given Traefik the cloudflare provider credentials yet.

The other domain is giving me a big red Deceptive site ahead

I’m not sure why you’re seeing the warning; both of the sites in your screenshots are now working for me.

Cloudflare 		>> is rendering and has a Google Trust cert from cloudflare. 	>> Invalid SSL certificate 	>> Invalid SSL certificate 	>> Invalid SSL certificate

Not Cloudflare		>> Deceptive Site Ahead

The certificate errors are about the certificate on the origin server, which I can’t see. Are they regular Let’s Encrypt certificates or something else?

I don’t get the warning on, and the site works fine in Safari, but Firefox throws all kinds of errors about Safe Browsing and refuses to load the CSS and other resources. That site isn’t on Cloudflare so that’s an entirely different issue.

1 Like