Issue
We want to host some services at home, expose them to the public internet through DDNS, and use the Cloudflare CDN for acceleration. However, default ports such as 80 and 443 may be blocked by the ISP, and Cloudflare does not open all ports either. Port testing is therefore required before the services can be used properly.
You can use the following website for port scanning:
Port Scanning - Online Port Scanning Tool (hwcha.com)
Overall Approach
After confirming which ports are available, map the services exposed through DDNS to ports that are available on Cloudflare.
Implementation Process
- The home DDNS service can use TP-LINK's free service, set up in the router management interface.
  Port mapping is called "Virtual Server" there. After entering it, set the corresponding port.
- Bind the domain name in Cloudflare.
By default, Cloudflare supports the following traffic proxy ports:
HTTP ports
- 80
- 8080
- 8880
- 2052
- 2082
- 2086
- 2095
HTTPS ports
- 443
- 2053
- 2083
- 2087
- 2096
- 8443
Cache-disabled ports:
- 2052
- 2053
- 2082
- 2083
- 2086
- 2087
- 2095
- 2096
- 8880
- 8443
By default, Cloudflare only provides a few ports for CDN proxying. If the destination port for the domain's traffic is not one of the ports listed above, for example an SSH server listening for incoming connections on port 22, there are two options:
- Change the subdomain to a gray cloud in the Cloudflare DNS application so that traffic bypasses the Cloudflare network and connects directly to the origin server. Here, Cloudflare only does domain name resolution, so the DNS record exposes the origin server's IP address.
  [Figures: default proxy (orange cloud); gray cloud]
- Configure a Spectrum application for the hostname running the server. Spectrum supports all ports. However, Spectrum's TCP and UDP ports are only available in the Enterprise plan and require a paid subscription.
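The port-selection step described above can be scripted. The following is an added example, not code from the original post: it takes the port lists given on this page plus the set of ports your scan found blocked, and assigns each home service an external port for the router's "Virtual Server" rule. The function name `plan_port_mappings`, the sample services and the blocked-port set are constructed for illustration.

```python
# Added example: plan router "Virtual Server" mappings onto Cloudflare-proxied ports.
# The three port lists are the ones given on this page.
HTTP_PORTS = [80, 8080, 8880, 2052, 2082, 2086, 2095]
HTTPS_PORTS = [443, 2053, 2083, 2087, 2096, 8443]
CACHE_DISABLED = {2052, 2053, 2082, 2083, 2086, 2087, 2095, 2096, 8880, 8443}


def plan_port_mappings(services, blocked_ports):
    """Assign each service an external port that Cloudflare will proxy.

    services:      list of (name, scheme, internal_port); scheme is "http",
                   "https", or anything else (e.g. "ssh") for non-web traffic.
    blocked_ports: external ports the port scan reported as unreachable.
    Returns {name: plan}. By default Cloudflare connects to the origin on the
    same port the visitor used, so "external" is both the port in the URL and
    the external port of the router rule.
    """
    pools = {"http": HTTP_PORTS, "https": HTTPS_PORTS}
    used, plan = set(), {}
    for name, scheme, internal in services:
        if scheme not in pools:
            # Not proxied on the default ports: gray cloud or Spectrum.
            plan[name] = {"mode": "dns-only-or-spectrum", "internal": internal}
            continue
        free = [p for p in pools[scheme]
                if p not in blocked_ports and p not in used]
        # Stable sort: ports that still allow caching come first.
        free.sort(key=lambda p: p in CACHE_DISABLED)
        if not free:
            plan[name] = {"mode": "no-proxied-port-available", "internal": internal}
            continue
        used.add(free[0])
        plan[name] = {"mode": "proxied", "external": free[0], "internal": internal,
                      "cached": free[0] not in CACHE_DISABLED}
    return plan


if __name__ == "__main__":
    # Constructed sample: an ISP that blocks 80, 443 and 8080 inbound.
    sample = [("blog", "http", 80), ("nas", "https", 5001), ("ssh", "ssh", 22)]
    for name, p in plan_port_mappings(sample, {80, 443, 8080}).items():
        print(name, p)
```

Each "proxied" entry becomes one router rule (external port to internal port); a `cached` value of `False` means the chosen port is in the cache-disabled list, so Cloudflare proxies it without caching.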
Now you can enjoy using the services o( ̄▽ ̄) ブ.