This article outlines a procedure for securely exposing a service running on localhost to the public internet, without modifying the firewall or needing a public IP address for port forwarding. The solution uses the free Cloudflare tunneling service to establish a secure connection between the localhost and the internet.
The steps below cover the deployment process for a Cloudflare Argo Tunnel. There are two options for accessing the tunnel:
Utilizing the cloudflared CLI to generate a temporary, randomly generated domain name provided by Cloudflare.
Utilizing an already purchased domain name, which requires additional configuration.
Note that the randomly generated URL is valid only for the duration of the active cloudflared session; if we use our own domain, we just need to start the cloudflared service.
First we need to download and install cloudflared on our system. Installation depends on the type of OS we are using.
On Windows, download and install the file given below: https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-windows-amd64.msi
On Linux, open a terminal and enter the following command to download and install the utility:
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb && sudo dpkg -i cloudflared.deb
A service running locally must be present, accessible through localhost or IP address 127.0.0.1, prior to deploying Cloudflare Argo Tunnel.
Type the following command, replacing the parameters accordingly:
cloudflared tunnel --url localhost:80
It's important to ensure that the specified port in the command line matches the port on which the target application is running, otherwise the connection to the localhost will fail.
Keep the terminal or command prompt used to establish the Cloudflare Argo Tunnel open: the tunnel works only as long as that window remains open. Closing it, or terminating the process with CTRL + C, ends the tunnel, and the localhost application is no longer accessible from the internet.
The Zero Trust Network Access (ZTNA) approach implements a secure boundary around applications by evaluating and verifying the identity, context, and policy compliance of each request before granting access to resources. This creates a secure environment where only authorized access is granted.
To utilize Zero Trust Network Access (ZTNA) technologies, it is necessary to have a domain name. The process involves establishing a tunnel and mapping it to the desired domain name, thereby connecting it to the localhost. This enables secure access to the localhost via the assigned domain name.
We need an account on the Cloudflare website; if we do not have one, a new account can be created. The Free Tier option should be selected, as Cloudflare offers free personal usage and a free SSL certificate for domains, providing TLS security for websites, evidenced by the "https" protocol instead of "http".
After a successful login we need to add a new site to add our domain name. We need to replace our original DNS servers with Cloudflare's DNS servers. Configuration varies according to hosting provider.
Step 2 : Scroll down and select the Free version.
Step 3 : Cloudflare will give us 2 Domain Name Servers (DNS). We need to put these addresses in the Custom DNS option on our domain provider's portal. Different providers (GoDaddy, Big Rock, Hostinger, etc.) may have different locations for Custom DNS.
Step 4 : After saving the Custom DNS, it may take a few hours until you see Active on your website.
Step 1 : After you see Active on your domain name, navigate to the "Access" section of the console to view access-related settings and configurations. Locate the "Launch Zero Trust" option within the "Access" section and click on it to launch the zero-trust architecture system.
Step 2 : Expand Access in the left navigation and click on Tunnels.
NOTE: The portal may prompt you to submit a payment of zero dollars. Please ensure that you provide the requisite information, as no actual payment is required at this stage.
Step 2 : Click on "Create a tunnel"
Step 3 : Give a name to your tunnel. This name should be unique from your other tunnels.
Step 4 : To utilize Cloudflare's service on your personal computer, it is necessary to install the cloudflared binary and execute the command provided.
Step 5 : After selecting the environment and running the command, you should see an instance below with a "Connector ID". Then click Next.
Step 6 : Give your tunnel a hostname by entering a subdomain along with your domain and a path (if required). Select HTTPS and enter your localhost along with the port your web app or service is running on.
Step 7 : Go to "Additional application Settings" > TLS > Enable the "No TLS Verify" and we are done. You can now access your localhost using your domain name together with the subdomain you provided.
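For comparison, the same routing expressed as a config.yml for a locally-managed cloudflared tunnel, showing the "No TLS Verify" setting from Step 7 beside a variant that keeps origin certificate verification on. This is an added example, not part of the original article; the tunnel ID, hostnames, ports and file paths are placeholders.

```yaml
# Constructed example: config.yml for a locally-managed cloudflared tunnel.
# <TUNNEL-UUID>, the example.com hostnames, ports and paths are placeholders.
tunnel: <TUNNEL-UUID>
credentials-file: /etc/cloudflared/<TUNNEL-UUID>.json

ingress:
  # Equivalent of Steps 6-7: HTTPS origin on localhost with "No TLS Verify".
  # cloudflared accepts whatever certificate the local service presents,
  # which is why a self-signed certificate works with this setting.
  - hostname: app.example.com
    service: https://localhost:443
    originRequest:
      noTLSVerify: true

  # Stricter variant for an HTTPS origin: leave verification on and tell
  # cloudflared which CA signed the local certificate and which name the
  # certificate is expected to carry.
  - hostname: api.example.com
    service: https://localhost:8443
    originRequest:
      caPool: /etc/cloudflared/local-ca.pem
      originServerName: localhost

  # Plain-HTTP origin: there is no origin certificate to verify, so the
  # TLS options above are not needed.
  - hostname: web.example.com
    service: http://localhost:80

  # Required catch-all rule: requests that match no hostname get a 404.
  - service: http_status:404
```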
If the instance running the cloudflared binary is terminated, access to the localhost is lost. To resolve this, choose Linux as the environment and then start the cloudflared service, which establishes the tunnel for accessing the localhost on subsequent occasions.
Then we may navigate to the relevant URL to access the localhost. As an illustration, consider the case where a JSON API server has been hosted.