H 112: Cloudflare Quick Tunnel (10 pts + 15 extra)

What You Need for this Project

A Linux machine--I used a Google Cloud Debian 12 headless server

Purpose

To create a tunnel to a local resource. This is a safe way to expose a local service to the Internet without opening a port.

I am following this process: Quick Tunnels.

Installing Apache

On your Linux server, execute these commands:


sudo apt update
sudo apt install apache2 -y
sudo ss -pantl

You see the apache2 process listening on port 80, as shown below.

Installing Cloudflared

On your host system, in a Web browser, go to Cloudflare Zero Trust Downloads.

In the Linux section, find the .deb link appropriate for your processor type, as shown below.

If you are using a Mac M1 or later, use the ARM64 version. Otherwise, use the "amd64/x86-64" version.

Right-click the Download link and copy the URL.

On your Linux server, execute these commands, pasting in the URL you copied as the argument for the "wget" command:


wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflare*
cloudflared tunnel --url http://localhost:80

You should see your tunnel's URL, as shown below.

Flag H 112.1: Message (10 pts)
The flag is covered by a green rectangle in the image above.

Viewing your Web Server

In a Web browser, visit the URL you saw in the message above, ending in trycloudflare.com

You should see the default Apache page, as shown below.

Using a Real Domain Name (15 pts extra)

The tunnel you created above is temporary. For a persistent tunnel, you need a real public domain name. Those cost a few dollars a year.

Purchasing a Domain Name

You can get them many places, including from Cloudflare.

You'll need to create an account at cloudflare.com, register your domain there, and set cloudflare as your authoritative DNS servers.

More details are at Add a site.

Creating a Tunnel

Open the Zero Trust page.

On the left side, click Networks, Tunnels.

Click the "Create a tunnel" button.

Click the Cloudflared connector type.

Enter a name for your tunnel, such as persistent.

Click the "Save tunnel" button.

Select Save tunnel.

In the "Choose your environment" section, click the Debian button.

The boxes below that button give you the commands to run on your Debian server, as shown below. Run them.

At the bottom right, click Next.

In the "Route Traffic" page, make these entries, as shown below.

Subdomain: anything you like, such as tunnel
Domain: choose your domain from the list
Path: leave blank
Service Type: HTTP
Service URL: localhost:80

At the bottom right, click "Complete setup".

Flag H 112.2: Message (15 pts)
The flag is covered by a green rectangle in the image below.
Note that I named my persistent tunnel "proxmox" instead of "tunnel".

Viewing your Web Server

In a Web browser, visit the FQDN for your server, using the subdomain you chose, as shown below.

In my case, I used a subdomain named "cloud2" and put a Proxmox server there. You may have a different subdomain name, and may have an Apache page there.

Note for Proxmox

For a proxmox server, edit your tunnel, and on the Public hostnames page, click "Additional application settings". Click TLS and turn on "No TLS Verify".

References

Create a tunnel (dashboard)

Posted 8-6-25