📋 Before You Begin
Make sure you have these ready:
- ✅ A domain name (purchased from any registrar)
- ✅ A local server/service running (e.g., http://localhost:8080)
- ✅ Administrator access to your local machine
- ✅ Internet connection on your home server
1
Create and Configure Cloudflare Account
1.1 Sign Up for Cloudflare
- Go to https://dash.cloudflare.com/sign-up
- Enter your email and create a password
- Verify your email address
1.2 Add Your Domain
- Click "Add a site"
- Enter your domain name (e.g.,
example.com) - Select the Free plan
1.3 Update Nameservers
- Cloudflare will show you two nameserver addresses
- Log in to your domain registrar
- Replace existing nameservers with Cloudflare ones
⏱️ DNS changes can take from a few minutes to 48 hours to propagate
2
Install cloudflared on Your Local Server
- Download from: GitHub Releases
- Look for
cloudflared-windows-amd64.exe - Create folder
C:\cloudflared - Rename downloaded file to
cloudflared.exe - Open Command Prompt as Administrator:
cd C:\cloudflared
Run these commands in terminal:
curl -L https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-archive-keyring.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/cloudflare-archive-keyring.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list
sudo apt update
sudo apt install cloudflared
brew install cloudflared
Verify installation:
cloudflared --version
3
Authenticate with Cloudflare
cloudflared tunnel login
- A browser window will open automatically
- Log in to your Cloudflare account
- Select your domain and click "Authorize"
This downloads a certificate file to
~/.cloudflared/cert.pem
4
Create a Tunnel
cloudflared tunnel create my-home-server
You'll see output like:
Created tunnel my-home-server with id: 12345678-aaaa-bbbb-cccc-123456abcdef
🔑 Save this tunnel ID - you'll need it for configuration!
5
Create Configuration File
Create config.yml in your .cloudflared folder:
tunnel: my-home-server
credentials-file: C:\cloudflared\12345678-aaaa-bbbb-cccc-123456abcdef.json
ingress:
- hostname: home.example.com
service: http://localhost:8080
- service: http_status:404
tunnel: 12345678-aaaa-bbbb-cccc-123456abcdef
credentials-file: /home/username/.cloudflared/12345678-aaaa-bbbb-cccc-123456abcdef.json
ingress:
- hostname: home.example.com
service: http://localhost:8080
- service: http_status:404
⚙️ Replace the placeholder values with your actual tunnel ID, paths, and domain
6
Route DNS to Your Tunnel
cloudflared tunnel route dns my-home-server home.example.com
This creates a CNAME record automatically in Cloudflare DNS.
7
Test Your Tunnel
cloudflared tunnel run my-home-server
Leave this terminal window open and visit:
https://home.example.com
You should see your local service!
8
Run as a Service (Optional but Recommended)
In Command Prompt as Administrator:
cd C:\cloudflared
cloudflared.exe service install --config C:\cloudflared\config.yml
Move files to system location:
sudo mkdir -p /etc/cloudflared
sudo cp ~/.cloudflared/config.yml /etc/cloudflared/
sudo cp ~/.cloudflared/12345678-aaaa-bbbb-cccc-123456abcdef.json /etc/cloudflared/
sudo cloudflared service install
sudo systemctl enable --now cloudflared
➕
Managing Multiple Services
You can expose multiple services through the same tunnel:
ingress:
- hostname: photos.example.com
service: http://localhost:3000
- hostname: nas.example.com
service: http://localhost:5000
- hostname: rdp.example.com
service: tcp://localhost:3389
- service: http_status:404
Then run DNS routing for each hostname.
🔧
Troubleshooting Common Issues
| Issue | Solution |
|---|---|
| 403 Forbidden | DNS route not set up - run tunnel route dns command |
| ERR_CONNECTION_REFUSED | Local service not running or wrong port in config |
| Timeout errors | Try adding --protocol h2mux to run command |
| Tunnel shows "Inactive" | cloudflared not running - check service status |
⚡
Quick Test (No Domain Required)
For temporary testing without a domain:
cloudflared tunnel --url http://localhost:8080
You'll get a random trycloudflare.com URL valid for a few hours.
📌 Important Notes
- Security: No inbound ports need to be open on your router
- SSL/HTTPS: Cloudflare provides automatic SSL certificates
- Speed: Free tier works well but may have variable performance
- Reliability: Tunnel automatically reconnects after internet drops