host header override cloudflare tunnel
I have a router at home which checks for the host header of the incoming request, meaning I need to access the routers web interface either by IP or the name given from the provider, such as `router.local`. However, I also want to access my router via Cloudflare tunnel securely, which is awesome if I need to help out family and friends.
I have a raspberry pi zero setup, with Cloudflare tunnel (you need to compile it for the pi zero) and I’m pointing a public host name to my router’s IP address. Now, when I want to access the router, I get an error message that I’m not requesting the page from the right origin, since it’s the public hostname I just configured. Let’s change that in the
cloudflared.yaml config file:
tunnel: some-ran-dom-id-in-here credentials-file: /home/pi/.cloudflared/some-ran-dom-id-in-here.json ingress: - hostname: myrouter.example.com service: http://192.168.1.1 originRequest: httpHostHeader: 192.168.1.1 - service: http_status:404
The important bit is the
httpHostHeader section. This way, I can still access my router’s interface via
cloudflared will send the
httpHostHeader to the router.
Don’t forget to protect the router with Cloudflare Access as well, you probably don’t want the router exposed to the internet directly with their
shitty web login.
some more links to Cloudflare tunnel: