Cloudflared Tunneling

Suman Adhikari September 01, 2025 Add Comment

You want to expose your laptop’s localhost (like a web app running on http://127.0.0.1:3000 or http://localhost:8000) to the internet using Cloudflare, right?

The easiest and most secure way is using Cloudflare Tunnel (Cloudflared).

🔹 Steps to expose localhost with Cloudflare

Install Cloudflared

On Linux/macOS:


curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -o cloudflared.deb
sudo dpkg -i cloudflared.deb

On Windows:
Download from Cloudflared GitHub releases and install.

Login to Cloudflare
```
cloudflared tunnel login
```
This opens a browser, asks you to log in to your Cloudflare account, and select a domain you own.

Create a Tunnel


cloudflared tunnel create my-tunnel

cloudflared tunnel --url http://localhost:8000

cloudflared tunnel --url https://localhost:10000/ --no-tls-verify

Configure Tunnel to expose localhost

Example: expose http://localhost:8000
Create a config file:


tunnel: my-tunnel
credentials-file: /home/user/.cloudflared/my-tunnel.json

ingress:
  - hostname: app.yourdomain.com
    service: http://localhost:8000
  - service: http_status:404

Route traffic
Point your Cloudflare DNS hostname (app.yourdomain.com) to the tunnel:
```
cloudflared tunnel route dns my-tunnel app.yourdomain.com
```
Run the Tunnel
```
cloudflared tunnel run my-tunnel
```

Now your localhost app is available on the internet at
👉 https://app.yourdomain.com

🔹 If you don’t own a domain

Cloudflare Tunnel can still give you a random .trycloudflare.com URL:


cloudflared tunnel --url http://localhost:8000

It will output something like:


https://random-subdomain.trycloudflare.com

Share that link and people can access your local app.

If you start with the random .trycloudflare.com URL now, you can later switch to your own domain without problems.

Here’s how it works:

Random mode (cloudflared tunnel --url http://localhost:8000)
- No domain required.
- You instantly get a temporary link like https://xyz123.trycloudflare.com.
- Great for testing or quick sharing.
- The link changes every time you restart.
Domain mode (with your Cloudflare-managed domain)

Permanent link like https://app.yourdomain.com.
Requires creating a named tunnel + DNS record.
You can later “upgrade” your setup by creating a tunnel and pointing it to your domain, without changing your app.

Suppose you want:

main.sumanadhikary.com.np → your local website on port 80
blog.sumanadhikary.com.np → your local app on port 8080
test.sumanadhikary.com.np → your local service on port 10000

🔹 Config file (`~/.cloudflared/config.yml`)


tunnel: my-tunnel
credentials-file: /home/your-username/.cloudflared/my-tunnel.json

ingress:
  - hostname: main.sumanadhikary.com.np
    service: http://localhost:80
  - hostname: blog.sumanadhikary.com.np
    service: http://localhost:8080
  - hostname: test.sumanadhikary.com.np
    service: http://localhost:10000
  - service: http_status:404

🔹 Steps

Login once (to get cert.pem):
```
cloudflared tunnel login
```
Create a tunnel:
```
cloudflared tunnel create my-tunnel
```

Add DNS records (in Cloudflare dashboard or via command):


cloudflared tunnel route dns my-tunnel main.sumanadhikary.com.np
cloudflared tunnel route dns my-tunnel blog.sumanadhikary.com.np
cloudflared tunnel route dns my-tunnel test.sumanadhikary.com.np

(This automatically creates CNAME records pointing to your tunnel.)

Run the tunnel:
```
cloudflared tunnel run my-tunnel
```

✅ Now:

https://main.sumanadhikary.com.np → localhost:80
https://blog.sumanadhikary.com.np → localhost:8080
https://test.sumanadhikary.com.np → localhost:10000

the software just uses the IP 192.168.19.15, and you don’t know which port it’s running on. That’s common with proprietary intranet apps. No problem — here’s how you can find it:

Step 1: Check if it’s a browser-based app

On your office laptop, open a browser and type:
```
http://192.168.19.15
```
or
```
https://192.168.19.15
```
If it loads, the port is default:
- http → port 80
- https → port 443

Step 2: Scan the server for open ports

If it doesn’t load in a browser:

Option A: On office laptop (Windows)

Open CMD as Administrator
Run:


netstat -a -n | findstr 192.168.19.15

This lists all ports the software/server is listening on.
Look for LISTENING entries on that IP.

Option B: On office laptop (Linux)


sudo netstat -tulpn | grep 192.168.19.15

Shows which ports are active and which program uses them.

Step 3: Test the port

Once you find a port (e.g., 5000):


cloudflared tunnel --url http://192.168.19.15:5000

Cloudflare will give you a public URL.
Open that URL from home to access the intranet software fast, no AnyDesk lag.

For windows

Here’s a step-by-step guide to install and use it:

🔹 1. Download Cloudflared for Windows

Go to the official release page: Cloudflared GitHub Releases.
Download the latest cloudflared-windows-amd64.exe (if your system is 64-bit).
Rename it to cloudflared.exe for convenience.
Move it to a folder like:
- C:\Program Files\cloudflared\
- or add it directly into a folder already in your PATH (like C:\Windows\System32).

🔹 2. Add to PATH (optional but recommended)

Press Win + R → type sysdm.cpl → Enter.
Go to Advanced → Environment Variables.
Under System variables, find Path → Edit → Add new entry:
```
C:\Program Files\cloudflared\
```
Click OK → OK.

Now you can run cloudflared from any terminal (PowerShell or Command Prompt).

🔹 3. Basic Commands

Check installation:
```
cloudflared --version
```
Run a tunnel to a local web server (example on port 80):
```
cloudflared tunnel --url http://localhost:80
```
→ This gives you a temporary Cloudflare URL to access your local server.
Login to Cloudflare (for persistent tunnels):
```
cloudflared tunnel login
```
→ This opens your browser to authenticate with your Cloudflare account.
Create a named tunnel:
```
cloudflared tunnel create my-tunnel
```

Route a domain (requires Cloudflare-managed domain):


cloudflared tunnel route dns my-tunnel sub.example.com

Run tunnel (persistent):
```
cloudflared tunnel run my-tunnel
```

🔹 4. Run as a Service (Windows)

To make the tunnel always run in background:


cloudflared service install

This installs it as a Windows Service.

if you already own your domain (and it’s managed through Cloudflare DNS), then you can make cloudflared serve your site securely under your own domain instead of the temporary trycloudflare.com links.

Here’s how you’d do it:

🔹 1. Prerequisites

Your domain must be added to Cloudflare (via their dashboard).
DNS must be managed by Cloudflare (nameservers pointing to Cloudflare).
cloudflared installed on Windows (as I showed earlier).

🔹 2. Authenticate `cloudflared`

Run:


cloudflared tunnel login

A browser window will open → login with your Cloudflare account.
Select the domain you want to use.
A certificate will be downloaded to C:\Users\<You>\.cloudflared\.

🔹 3. Create a Tunnel


cloudflared tunnel create my-tunnel

This creates a new tunnel ID.
Config file and credentials will be stored under
C:\Users\<You>\.cloudflared\.

🔹 4. Configure Tunnel (config.yml)

Make a file at:


C:\Users\<You>\.cloudflared\config.yml

Example:


tunnel: my-tunnel
credentials-file: C:\Users\<You>\.cloudflared\my-tunnel.json

ingress:
  - hostname: app.yourdomain.com
    service: http://localhost:8080
  - service: http_status:404

👉 Replace:

app.yourdomain.com with your real subdomain.
http://localhost:8080 with whatever service/port you’re running.

🔹 5. Connect Domain to Tunnel

Run:


cloudflared tunnel route dns my-tunnel app.yourdomain.com

This automatically creates a CNAME record in Cloudflare DNS that points to the tunnel.

🔹 6. Run the Tunnel

Now start the tunnel:


cloudflared tunnel run my-tunnel

or install it as a service:


cloudflared service install

Install Apache2 for Linux Server

ASI Suman Adhikari December 24, 2024 Add Comment

ASI Suman Adhikari

TO install LAMP stack (Linux, Apache2, MySQL, PHP) and phpMyAdmin on your Linux system using a Text User Interface (TUI) tool called tasksel. tasksel is a Debian-based tool (used in Ubuntu and other Debian-based distributions) that allows you to install predefined groups of packages like LAMP with just a few simple commands.

Here’s how you can do it using tasksel for the full LAMP stack setup:
Steps to Install LAMP Stack Using tasksel:
1. Update Package List

First, update your package list to ensure you have the latest packages:

sudo apt update

2. Install tasksel

Install tasksel if it’s not already installed:

sudo apt install tasksel

3. Install LAMP Stack Using tasksel

To install the LAMP stack, simply use tasksel:

sudo tasksel install lamp-server

This command will install:

Apache2 (web server)
MySQL (database server)
PHP (for dynamic content)
Additional PHP modules needed to integrate with Apache and MySQL

After the installation, Apache2, MySQL, and PHP will be installed and configured.
4. Install phpMyAdmin Using tasksel

If you also want to install phpMyAdmin, you can use tasksel for that as well:

sudo tasksel install phpmyadmin

This command installs phpMyAdmin, which is a web-based interface to manage MySQL databases.
5. Check the Installation

Once the installation is complete, you can check if everything is set up:

Apache: Open your web browser and visit http://localhost/. You should see the Apache2 default page.

phpMyAdmin: Visit http://localhost/phpmyadmin/ in your browser. If everything is set up, you should see the phpMyAdmin login page. Log in with the MySQL root user or any other MySQL user you created during installation.

6. Restart Apache2

In case Apache2 or other services are not running automatically, you can restart Apache2 and MySQL manually:

sudo systemctl restart apache2
sudo systemctl restart mysql

7. Configure Firewall (Optional)

If you have a firewall enabled, allow HTTP and HTTPS traffic:

sudo ufw allow in "Apache Full"

8. Clean Up (Optional)

After confirming everything works, remove any unnecessary files or temporary configurations. For example, remove info.php file (if you created it to test PHP):

sudo rm /var/www/html/info.php

10. Now install mysql

To install all mysql file you need to write where * install all required files.

sudo apt install libapache2-mod-php php-mysql php-cli php-common php-json php-zip php-gd php-mbstring php-xml php-curl

sudo apt install mysql*

Now you have mysql installed on your computer and you can login it with your root password and for phpmyadmin you need to create a username and set password so for this operation you need to put following command.

sudo mysql -u root -p

SET GLOBAL validate_password.policy=0;

SET GLOBAL validate_password.length=6;

CREATE USER 'ksumanadhikari'@'localhost' IDENTIFIED BY 'welcome';

GRANT ALL PRIVILEGES ON *.* TO 'ksumanadhikari'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;

Activate Window

Suman Adhikari November 19, 2024 Add Comment

Suman Adhikari

PowerShell is a powerful scripting language and command-line shell developed by Microsoft. One of its most fascinating capabilities is its ability to execute commands and scripts from remote URLs. A frequently used shorthand for downloading and executing a script in PowerShell is:

$ irm https://get.activated.win | iex

Understanding the Command

irm
irm is short for Invoke-RestMethod, a cmdlet in PowerShell used to send HTTP or HTTPS requests to a web server and process the response. In this context, it fetches the script or data hosted at the provided URL (https://get.activated.win).
https://get.activated.win
This URL points to the location of the script or resource to be downloaded. When you run the command, PowerShell fetches the content hosted here.
| iex
The | symbol is a pipeline operator in PowerShell. It takes the output from the irm command and passes it to iex.
iex stands for Invoke-Expression, which evaluates or runs the code it receives as input.
In this case, the script fetched from https://get.activated.win is executed immediately by PowerShell.

Purpose of the Command

This command is commonly used for:

Bootstrap Installers: Installing tools or software by fetching and executing an installer script directly from a URL.
Custom Scripts: Running automation scripts hosted online.
Quick Deployments: Setting up configurations or environments on remote machines with minimal input.

Security Implications

While the command is extremely convenient, it also comes with significant security risks. Downloading and executing code directly from the internet without verifying its contents can lead to:

Malware Infections: Malicious actors may host harmful scripts under seemingly legitimate URLs.
Unauthorized Access: Scripts could install backdoors or steal sensitive information.
System Compromise: A poorly written script might unintentionally break critical system components.

How to Use the Command Safely

Verify the Source
Ensure that the URL (https://get.activated.win in this case) is legitimate and comes from a trusted source.
Inspect the Script
Instead of executing the command directly, download the script first and inspect its contents. You can do this by running:
```
irm https://get.activated.win > script.ps1
notepad script.ps1
```
Run with Limited Permissions
Execute scripts in a controlled environment, such as a virtual machine or a sandbox, to mitigate risks.
Avoid as a Habit
Use this approach sparingly. Prefer fetching scripts, inspecting them, and executing only those you trust.

Conclusion

The $irm https://get.activated.win | iex command showcases the power of PowerShell to interact with web resources seamlessly. However, this convenience demands responsibility. Always be cautious about where your scripts come from and what they do. By following best practices, you can leverage this command safely and efficiently.

Do you often use this command or similar ones? Share your experiences or tips in the comments below!

Architecture identifiers

Suman Adhikari November 15, 2024 Add Comment

Computer Fundamental educational Linux