My api is not responding because of cloudflare
Hello, I am using VDS, I use PHP as the language and I publish my site with Xampp. Then I connected my domain but I encountered a problem. When I sent a request to the API via my domain on Cloudflare, I did not receive a response, but I could receive a response via localhost. I turned off the firewall and got a response from the domain. Is there an alternative way to do this? "Sorry for my English." #general-help
8 Replies
What do you mean by you don't recieve a response? Like it says the port is closed ?
No, everything is fine. I can successfully receive the response from the API on localhost, but on my domain connected to Cloudflare, there is no response from the API, I receive an empty response. When I turn off, I can receive a response from my domain.
I mean this feature:
When I turn it off, I cannot get an SSL certificate :/
What is the error you get ?
Do you use cloudflare tunnel or regular cloudflare?
Normal free
There is no error message. This occurs when I purchase an SSL certificate.
If I turn the mode off, I receive a response from the API but the SSL certificate is gone. What should I do? Someone please help.
I believe you need to install the certificate onto your server
Did you configure redirects on your API?
It usually happens when you configure https redirects on the server side that keep redirecting from http to https or from page to specific page.
I have never used xampp so it's pretty hard for me to provide more help.
Maybe try to use let's encrypt before cloudflare on your API and see if that fixes your issue.
Make sure you are creating CA and CAA records on your DNS records in cloudflare for providing them access to issue certificates for you behind cloudflare proxy
I guess you're on windows vds right?
I'm not sure how it works on windows.
I always used Linux for everything
It would be best to simply install cloudflared on to the VPS or nearby system (eg. docker/router) and then just do http from the tunnel, or do https with tls verification turned off
If you do http only between cloudflared and your API service, make sure to remove any http>https redirect logic, CF will handle the redirects on its side.
Alternatively you can also obtain "origin" certificates for free from CF, these will be trusted and enable full SSL communication between CF<>Origin Server (your API server) and then CF will load its obtained certificate to do SSL to your users.
cloudflared is the best way to secure your origin as well as your server will not be exposed to the public internet (eg. no need to portforward port 80/443 etc)