For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren’t also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, Github, etc) for self-hosters? Thanks for the help in understanding how this works.

  • QF17@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I can expose things like HASS and my Unifi controller to the public internet, but stick it behind Cloudflare Access (and Office 365) for protection.

    I can essentially unlock my door anywhere in the country, as O365 has conditional access setup to block international logins and I’ve got MFA set up on it.

    My port forwarding is only enabled for Cloudflare IP’s, as is Nginx (for extra piece of mind) and I’ve got CF client certificates installed as well.

    It mitigates the need for me to configure and use a VPN (although I’ve got one of those configured as well) - which I’ve noticed can be disabled on some networks (I always had trouble using VPN’s on T-Mobile in North America when I was there in 2018)

    • Darkassassin07
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      which I’ve noticed can be disabled on some networks

      I’ve found a few networks where my normal VPN connection won’t work. Typically they just block all outgoing ports except common ones like 80,443,22,53,etc. I’ve got a few of those setup so I can try alternates. 22 usually works.