Can't use proxied DNS (orange cloud) with Oracle Cloud + Node.js Fastify
I have a Node.js Fastify (only HTTP) webserver on an Oracle Cloud compute instance, where traffic from all IPs are allowed.
Originally, I have routed the public IP address of the instance to point to a subdomain on Cloudflare (as an A record), but DNS-only (grey cloud).
This worked, but I want to leverage Cloudflare proxy's features such as SSL and DDoS protection.
Right now, I changed from DNS-only (grey cloud) to Proxied (orange cloud) but it's giving me a
ERR_EMPTY_RESPONSE
error in Chrome.
Originally, visiting http://api.bsr.gg:4000
would work, but after proxying it visiting both http://
and https://api.bsr.gg:4000
stopped working and resulted in a ERR_EMPTY_RESPONSE
Chrome error.
My Oracle Cloud public IP is 150.136.65.23
as shown in the image below. SSL/TLS setting is set to Flexible.13 Replies
Network ports · Cloudflare Fundamentals docs
Learn which network ports Cloudflare proxies by default and how to enable Cloudflare’s proxy for additional ports.
Available Origin Rules settings · Cloudflare Rules docs
The following sections describe the available settings in Origin Rules.
This works for http but I'm wondering is it possible to have https as well? (displayed as secure in the browser) I just need it to be https from my network to cloudflare, not cloudflare to my server
I have ssl setting on flexible in the dashboard
If it works for HTTP, then it should automatically also work for HTTPS.
Let me see
I get this for https
I don't see it working for HTTP or HTTPS...
It's on port 2052
Try port 80
I'd like to keep port 80 open for something else in the future, is it possible to have it on 2052? It's listed as one of the ports on the docs page you sent
Possibly? Tbh, I always use port 80/443, which I know is auto-converted from HTTP to HTTPS, so it might just be that it doesn't auto-upgrade when on 2052.
You could use a reverse proxy like Caddy to run multiple apps on port 80, or use Tunnels, which also has the added benefit of allowing you to close all ports for your server.
I don't have https set up on my server so idk, I'm not sure if I have to set that up on the server too as I don't need cloudflare -> my server encryption
Yeah, then Tunnels are probably the best idea, since they don't require HTTPS to function, but still provide encryption from Cloudflare -> Your Server
Thanks, I tried using Cloudflare Tunnels and it worked