Exposing web services to the internet requires a static IP which can then be mapped to a domain name making it accessible over the internet. There are services that enable us to do the same without the need for a static IP.
Cloudflare Tunnel
- Cloudflare tunnel makes use of a deamon called cloudflared running on the machine which is running a service that needs to be exposed to the internet.
- cloudflared creates an outbound connection to the cloudflare network.
- Cloudflare tunnel can expose any kind of protocols to the web.
- Since there is no static ip and the machine is not exposed directly the attack surface small/non-existant.
- Any attack should bypass the cloudflare network security if a service is exposed through the cloudflare tunnels.
- The Image below shows how cloudflare tunnel works.
