r/CloudFlare: CF tunnel and URLs with ports
Original Reddit post: https://www.reddit.com/r/CloudFlare/comments/zmriw7/cf_tunnel_and_urls_with_ports/
I've set a CF tunnel and everything is working as expected but with one small detail.I've an http app, that has some urls create dynamically. Meaning that the app get's the current url and adds a port.When I access it via the tunnel, the URL becomes something like "https://domain.mytunnel.com:81" when in reallity the ":81" should be passed to the host.How can I fix this, without changing my app?
Without a specific reason, you should always configure any CF Tunnel via the CF Zero Trust dashboard, instead of through a local config file.
Comment 1 on Answer
But that's what I did...
In fact I do not have any config file for cloudflared on my raspberrry.
Is that a way to solve my issue via CF Zero Trust dashboard?
My response to comment 1
My comment is mainly there to discourage "anyone" from still configuring their tunnel via config file.
And no, a config file wouldn't help with your issue either, since a dynamic port isn't planned to work with Cloudflare Zero Trust, they expect a static port per app.
Are you using Public Hostnames to publish your apps?
If you only want to access your app privately, via a client, you could add private endpoints to a tunnel and use the WARP client to access your app. This would take the tunnel out of the equation since private endpoints paired with WARP work like a VPN, tunneling traffic going to any TCP or UDP port.
Comment 1.1 on Answer
Yes, I'm using Public Hostnames.
The issue is not a port per app.
My app (webpage) has links "<a href>" created dynamicaly.
Some links are build as "current url"+port.. meaning that when I hover one of those links locally I get: "http://192.168.0.22:81"
But when I access via Public Hostname I get "https://publichost.mydomain.com:81" that leads nowhere. the port 81 should be passed along to the host.
Can it be fixed via the dashboard, or config file?
My response to comment 1.1
Neither, this will only work via WARP and private endpoints since public hostnames only respond on 80 and 443.