Cloudflare offers some additional security when it comes to hosting your Hudu instance. Using a Cloudflare tunnel, you can eliminate exposing your outside IP address to hackers and DDOS attacks. The basic approach that Cloudflare uses is to run a connector inside your network to connect back to Cloudflare’s server. This provides a reverse proxy to their servers. Which connector you use is going to be up to how your hosting network is configured. For this example, we will be hosting Hudu in DigitalOcean and using the Docker connector running directly on the Hudu host.
- Use Cloudflare’s portal and set up an A record for your Hudu instance. This typically would be something like docs.mydomain.com.
- Make sure to setup Proxy on the DNS record you created.
- Install Hudu using no SSL setup guide. Once this is setup, test to make sure it is working and Hudu comes up. You should be able to browse to docs.mydomain.com and get the initial sign in page for Hudu.
- Click on Cloudflare Zero Trust link within Cloudflare portal. Click on Networks and Click Tunnels.
- Click ((+ Create a tunnel)) you can call it anything that makes sense to you. (ie. Tunnel to Hudu instance).
- Next choose your connector environment. For this example, we will choose Docker. It will give you the docker command necessary to use in your Hudu host. You will want to edit the command and add some additional commands to name the docker container and to add persistence to it as well. Here is an example (add the items in red):
docker run -d -–name hudutunnell –-restart unless-stopped cloudflare/cloudflared:latest tunnel --no-autoupdate run --token "Your token"
- Change into the ~/hudu2 directory and paste the command.
- Click the Public Hostname tab in Cloudflare and add the subdomain and domain that is listed in your .env file. Use type of http. Save Hostname.
- Test your connection by browsing to the public hostname. You should get a Cloudflare SSL certificate and Hudu should be up and running.
- After everything is confirmed up and running, you'll need to remove the line DISABLE_SSL=true from your .env file to ensure you can download files within your Hudu environment. Make sure to bring docker down and back up to save this change.