Can't use proxied DNS (orange cloud) with Oracle Cloud + Node.js Fastify

I have a Node.js Fastify (only HTTP) webserver on an Oracle Cloud compute instance, where traffic from all IPs are allowed. Originally, I have routed the public IP address of the instance to point to a subdomain on Cloudflare (as an A record), but DNS-only (grey cloud). This worked, but I want to leverage Cloudflare proxy's features such as SSL and DDoS protection. Right now, I changed from DNS-only (grey cloud) to Proxied (orange cloud) but it's giving me a ERR_EMPTY_RESPONSE error in Chrome. Originally, visiting http://api.bsr.gg:4000 would work, but after proxying it visiting both http:// and https://api.bsr.gg:4000 stopped working and resulted in a ERR_EMPTY_RESPONSE Chrome error. My Oracle Cloud public IP is 150.136.65.23 as shown in the image below. SSL/TLS setting is set to Flexible.
13 Replies
Hello, I’m Allie!
Does it work if you make the Fastify server listen on one of these ports?
Network ports · Cloudflare Fundamentals docs
Learn which network ports Cloudflare proxies by default and how to enable Cloudflare’s proxy for additional ports.
Hello, I’m Allie!
Or you can try a Destination Port Override Origin Rule. Visible here on the dash.
Available Origin Rules settings · Cloudflare Rules docs
The following sections describe the available settings in Origin Rules.
GodderE2D
GodderE2D15mo ago
This works for http but I'm wondering is it possible to have https as well? (displayed as secure in the browser) I just need it to be https from my network to cloudflare, not cloudflare to my server I have ssl setting on flexible in the dashboard
Hello, I’m Allie!
If it works for HTTP, then it should automatically also work for HTTPS. Let me see
GodderE2D
GodderE2D15mo ago
I get this for https
Hello, I’m Allie!
I don't see it working for HTTP or HTTPS...
GodderE2D
GodderE2D15mo ago
It's on port 2052
Hello, I’m Allie!
Try port 80
GodderE2D
GodderE2D15mo ago
I'd like to keep port 80 open for something else in the future, is it possible to have it on 2052? It's listed as one of the ports on the docs page you sent
Hello, I’m Allie!
Possibly? Tbh, I always use port 80/443, which I know is auto-converted from HTTP to HTTPS, so it might just be that it doesn't auto-upgrade when on 2052. You could use a reverse proxy like Caddy to run multiple apps on port 80, or use Tunnels, which also has the added benefit of allowing you to close all ports for your server.
GodderE2D
GodderE2D15mo ago
I don't have https set up on my server so idk, I'm not sure if I have to set that up on the server too as I don't need cloudflare -> my server encryption
Hello, I’m Allie!
Yeah, then Tunnels are probably the best idea, since they don't require HTTPS to function, but still provide encryption from Cloudflare -> Your Server
GodderE2D
GodderE2D15mo ago
Thanks, I tried using Cloudflare Tunnels and it worked
Want results from more Discord servers?
Add your server