I have two Flask websites running on an Ubuntu machine running on my home server. Both of them are running as a service with Gunicorn, one is on port 9000, the other is on 9001. I have registered a Cloudflare account, where I created a Zero Trust tunnel and configured my home server as a connector. Then I registered a domain and set up the public hostnames like this:

Website one: 192.168.1.2:9000 goes to subdomain1.domain.com
Website two: 192.168.1.2:9001 goes to subdomain2.domain.com

I don't have SSL or Nginx set up, but to me it seems like everything is fine. Both websites are accessible and running and I don't have any ports open.

Question one: Is SSL like this secure? So based on my knowledge the connection between Cloudflare and my client and between Cloudflare and my server is secure, and the only plain-text HTTP is between the Cf connector and Flask, which is fine as that is only internally on my server. Is this true?

Question two: Is my described method okay for hosting the websites? If not, what would be? Thanks for reading.

  • This is really opinion-based. For a regular website it's likely fine. Are you blocking port 9000 and 9001 for outside hosts other than Cloudflare? An alternative way to do this would be to run Apache on the server and use mod_proxy to forward requests to 9000 or 9001 depending on the VHOST (which seems to be the equivalent of what you are getting Cloudflare to do).
    – davidgo
    Commented Jan 23 at 9:46
  • @davidgo Yes, the ports are blocked. Do you know anything about the SSL part? Thanks.
    – Daniel
    Commented Jan 23 at 16:40
  • What's to know about the SSL part? SSL protects clients against MITM attacks - so if you are using a VPN or similar between yourself and Cloudflare you should be OK. If your computer is compromised, whether you have HTTP or HTTPS between sockets is not very important.
    – davidgo
    Commented Jan 23 at 17:59
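
A check for the assumption in question one that the plain-HTTP hop stays on the server, added here as an example and not part of the original thread: it parses `ss -ltnH` output and reports listeners on ports 9000/9001 that are bound to anything other than loopback. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Ports the two Gunicorn services use in the question.
APP_PORTS = {9000, 9001}

# Constructed sample of `ss -ltnH` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 2048 0.0.0.0:9000 0.0.0.0:*
LISTEN 0 2048 127.0.0.1:9001 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
"""

def parse_listener(line):
    """Return (address, port) from one `ss -ltnH` line, or None."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "LISTEN":
        return None
    host, _, port = fields[3].rpartition(":")
    if not port.isdigit():
        return None
    host = host.strip("[]").split("%", 1)[0]  # drop brackets and %iface
    return host, int(port)

def is_loopback(host):
    """True only for 127.0.0.0/8 or ::1; wildcards are not loopback."""
    if host == "*":
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: treat as exposed

def exposed_app_listeners(ss_output, ports=APP_PORTS):
    """List (address, port) pairs for app ports reachable beyond loopback."""
    found = []
    for line in ss_output.splitlines():
        parsed = parse_listener(line)
        if parsed and parsed[1] in ports and not is_loopback(parsed[0]):
            found.append(parsed)
    return found

if __name__ == "__main__":
    for host, port in exposed_app_listeners(SAMPLE_SS):
        print(f"port {port} listens on {host}: bind Gunicorn to 127.0.0.1 "
              f"or keep the firewall rule that blocks it")
```

If Gunicorn is rebound with `--bind 127.0.0.1:9000`, the tunnel's service address has to point at localhost instead of 192.168.1.2 to match.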
