Static IP in cloudflare worker
I trying to hit an external API through cloudflare worker
my issue is they require static IP which I have to give So they can unblock me.
But cloudflare have dynamic IP
Is there any workearound
Static IP is only for enterprises
12 Replies
Any proxy workaround
setup a web proxy on a cheap cloud machine and fetch through that
you lose many of the benefits of workers but it's really your only choice
Have your static origin IP handle the DNS API call, requires gray clouding on CF though..
what's that?
what I can do is I hit 10 different APIs only 2 of them issue
one this IP whitelist
one has port issue
claudflare ignores port for somereason (in prod)
you would point one of your custom domains records to your origin with static IP (DNS only, gray cloud, NOT proxied) And on that origin you can reverse proxy or blind-redirect back the request to your cloudflare worker. Your custom domain would be used for the api calls instead of the worker.dev domain that way they would always originate from your static origin's IP but beware of the consequences of exposing your origin IP :/ Maybe utilize a purpose build machine and pub IP for that and only that, like a VPS for example. or leave cloudflare totally out of it like Erisa said
Yes cloudflare ignores all ports by default but port 80 and 443, my proposed solution could also solve the port limitation issue but only applies to DNS though, i bet if you hit the IP and port directly it works?
Its something i'll be experimenting with soon too to set up my own mailserver, a dedicated machine for that and only that as receiving mail to your custom mailserver is impossible on a proxied cloudflare record (port limitation issue) I'll keep you updated if you'd like
I was already researching for what @Erisa said as it seems the most optimum solution
though I don't know where to get these machines and setup would love some source
cause I think that will solve both my APIs
if you guys know any resource that could help me please do share
It would for sure! The cheapest hosting provider you can find will do just fine i bet! As all it needs to do is forward requests i think?
yaa that is the eZ part
Have a domain point to that hosting but not through cloudflare and do everything you've done before, using that dedicated static IP host, not cloudflare 😄
keep using cloudflare for all your other http based stuff tho ie. website 🙂
In time you could use that setup for all static-IP purposes along your development path (more api's with that requirement you'd like to utilize)
btw i forgot to ask but your whitelisting did it only allow for one IP? 😮 Because there's another solution.. You can also whitelist all of cloudflare's IP ranges.. But i can imagine API's only allow for one to a few and no ranges 😉
I did that
yes they were throwing error from their side 2a06 blocked
so I added xformxforwardedfor header and it solved it I was wonderin is there any security or future issues with thi s
@MDev
Please do not ping community members for non-moderation reasons. Doing so will not solve your issue faster and will make people less likely to want to help you.
Did you mean the X-Forwarded-For header? I don't think any security issues would arise from that 😉