Cloudflare Tunnel on an Anubiz Offshore VPS
Cloudflare Tunnel lets you expose a service from your Anubiz VPS without opening any inbound port - the tunnel daemon makes outbound connections to Cloudflare and traffic comes back through that established session. Useful for: hiding the origin IP, putting a service behind Cloudflare Zero Trust auth, exposing admin panels safely. Trade-off: Cloudflare sees plaintext after TLS termination at their edge.
Need this done for your project?
We implement, you ship. Async, documented, done in days.
Step 1: Install cloudflared
Cloudflare repo. apt install cloudflared.
Step 2: Auth and Tunnel
cloudflared tunnel login, cloudflared tunnel create anubiz-vps1. Saves credentials in ~/.cloudflared/<uuid>.json.
Step 3: Ingress Config
/etc/cloudflared/config.yml: tunnel uuid, credentials-file path, ingress: hostname app.example.com service http://localhost:3000, catchall http_status 404.
Step 4: DNS Route
cloudflared tunnel route dns anubiz-vps1 app.example.com. Cloudflare creates the CNAME.
Step 5: nftables
Remove inbound rules for the tunneled service entirely. Only outbound matters. The internet cannot reach localhost:3000 directly.
Related Services
Why Anubiz Host
Ready to get started?
Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.