Goodbye Open Ports
Maximum Security and HTTPS with Cloudflare Tunnel
In the old days, to put a server on the internet, you needed to:
Open firewall ports (80, 443, 8080).
Configure router forwarding (NAT).
Expose your server's real IP to the world.
Suffer configuring SSL certificates (that green padlock) that expired every 3 months.
Forget that. There is a much better, safer, and free way: Cloudflare Tunnel.
Today, I'll show you how I connected my Oracle server to the world without opening any entry ports.
1. The Tunnel Concept
Imagine that instead of opening your front door to receive visitors, you dug a secret underground tunnel that leads straight into Cloudflare's secure room. That's what cloudflared does. It creates an encrypted outbound connection. No one on the internet can "knock" on my server because there are no open ports.
2. Configuration via File (YAML)
To maintain total control, I configured the tunnel using a config.yml file inside the server. The magic happens in the routing:
YAML
ingress:
- hostname: n8n.mydomain.com
service: http://localhost:5678
- hostname: api.mydomain.com
service: http://localhost:8080
Look how amazing this is: Cloudflare receives access on the n8n subdomain and delivers it straight to the internal port 5678 of my Docker. The world sees secure HTTPS, but my server doesn't even know what SSL is.
3. Secure Webhook
I also configured a route for webhook.mydomain.com. This allows external systems to send data to my automations with total security and speed.
Week 2 Conclusion We have the machine, we have Docker, we have spare memory (Swap), and we have an armored connection. The stage is set. Next week, the show begins: we will install and integrate n8n and Evolution API.
