You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
How to Forward Ports for the WebUI and Protect It with Cloudflare
This guide will walk you through the steps to forward ports for the WebUI of Meshtastic-AI and protect it using Cloudflare. This is useful when you want to access the WebUI from outside your local network while keeping it secure behind Cloudflare.
Prerequisites
You have MESH-AI running on a local server (either a Raspberry Pi, VM, or other devices).
You have a Cloudflare account.
Your local server is accessible via a static IP address or a dynamic DNS (DDNS) setup.
You are comfortable accessing your router's configuration page.
Step 1: Forward Ports on Your Router
To access the MESH-AI WebUI from outside your local network, you must forward the necessary ports in your router. Follow these steps:
1.1 Find Your Local Server’s IP Address
First, find the IP address of the device running MESH-AI. If you're running it on a Linux-based system, you can use the following command to find the local IP address:
hostname -I
Note the IP address (e.g., 192.168.1.100).
1.2 Access Your Router’s Web Interface
Open a web browser and type your router's IP address (e.g., 192.168.1.1 or 192.168.0.1).
Log in with your router’s username and password.
1.3 Set Up Port Forwarding
Navigate to the Port Forwarding section of your router’s settings (this might be under Advanced Settings, NAT, or Firewall).
Add a new port forwarding rule:
External Port: 5000 (This is the default port for the WebUI)
Internal IP Address: The local IP address of the device running MESH-AI (e.g., 192.168.1.100).
Internal Port: 5000 (This is where the WebUI is hosted on the server).
Protocol: TCP/UDP (or just TCP, depending on your router).
Example configuration:
External Port
Internal IP Address
Internal Port
Protocol
5000
192.168.1.100
5000
TCP/UDP
2.4 Configure Cloudflare Proxy Settings
Ensure that the Proxy status is set to Proxied (orange cloud). This will route traffic through Cloudflare’s network, masking your real IP and providing additional security features like DDoS protection.
If you only want to pass traffic through Cloudflare without masking the IP, set the proxy status to DNS only (gray cloud).
2.5 Set Up Cloudflare Access (Optional but Recommended)
To add extra security, use Cloudflare Access to require a username and password to access the WebUI.
Go to Cloudflare Zero Trust (formerly Access) in your Cloudflare dashboard.
Create a new Application:
Application Name: MESH-AI WebUI
Application Type: Self-hosted
Domain: Set it to your subdomain (e.g., webui.yourdomain.com).
Configure the authentication options, such as Google or GitHub login, or set up a simple username/password authentication.
2.6 Update Firewall Settings (Optional)
You can further secure the WebUI by configuring a Firewall Rule in Cloudflare to restrict access to only certain countries or IP ranges.
Go to Firewall in the Cloudflare dashboard and create rules to block any malicious or unwanted traffic.
Step 3: Access the WebUI Securely
Once your port forwarding is set up and Cloudflare is protecting your WebUI, you can access it securely via the subdomain you created, such as:
https://webui.yourdomain.com
Cloudflare will handle the security and ensure your WebUI is hidden behind their firewall. If you enabled Cloudflare Access, you’ll need to log in with the authentication method you configured.
Conclusion
By following these steps, you've successfully forwarded the port for the MESH-AI WebUI and protected it using Cloudflare. This setup ensures that your WebUI is accessible securely over the internet, with additional protection against attacks and unauthorized access.
For any issues or further configuration, refer to the Cloudflare documentation or check the MESH-AI GitHub issues page.
Feel free to ask any questions or share your experience in the comments below!
Here is the guide formatted for a GitHub discussion post:
How to Forward Ports for the WebUI and Protect It with Cloudflare
This guide will walk you through the steps to forward ports for the WebUI of MESH-AI and protect it using Cloudflare. This is useful when you want to access the WebUI from outside your local network while keeping it secure behind Cloudflare.
Prerequisites
You have MESH-AI running on a local server (either a Raspberry Pi, VM, or other devices).
You have a Cloudflare account.
Your local server is accessible via a static IP address or a dynamic DNS (DDNS) setup.
You are comfortable accessing your router's configuration page.
Step 1: Forward Ports on Your Router
To access the MESH-AI WebUI from outside your local network, you must forward the necessary ports in your router. Follow these steps:
1.1 Find Your Local Server’s IP Address
First, find the IP address of the device running MESH-AI. If you're running it on a Linux-based system, you can use the following command to find the local IP address:
hostname -I
Note the IP address (e.g., 192.168.1.100).
1.2 Access Your Router’s Web Interface
Open a web browser and type your router's IP address (e.g., 192.168.1.1 or 192.168.0.1).
Log in with your router’s username and password.
1.3 Set Up Port Forwarding
Navigate to the Port Forwarding section of your router’s settings (this might be under Advanced Settings, NAT, or Firewall).
Add a new port forwarding rule:
External Port: 5000 (This is the default port for the WebUI)
Internal IP Address: The local IP address of the device running MESH-AI (e.g., 192.168.1.100).
Internal Port: 5000 (This is where the WebUI is hosted on the server).
Protocol: TCP/UDP (or just TCP, depending on your router).
Example configuration:
External Port
Internal IP Address
Internal Port
Protocol
5000
192.168.1.100
5000
TCP/UDP
1.4 Save the Settings
Once you've added the port forwarding rule, save the changes. Now, your router should be forwarding requests on port 5000 to your MESH-AI WebUI.
Now that you’ve forwarded the port, let’s protect the WebUI using Cloudflare, which will hide your server’s IP and add an extra layer of security.
2.1 Create a Cloudflare Account
If you don’t already have a Cloudflare account, sign up at Cloudflare.
2.2 Add Your Domain to Cloudflare
After logging into Cloudflare, click Add a Site and enter your domain name (e.g., yourdomain.com).
Cloudflare will scan your domain’s DNS records and import them.
Follow the on-screen instructions to change your domain’s nameservers to Cloudflare’s nameservers (you’ll need to do this through your domain registrar).
2.3 Create a Subdomain for the WebUI
Once your domain is active in Cloudflare, go to the DNS settings.
Add a CNAME record for your subdomain (e.g., webui.yourdomain.com).
Name: webui
Target: Your public IP address or your Dynamic DNS hostname (if you use DDNS).
Example DNS record:
Type
Name
Content
TTL
Proxy status
CNAME
webui
yourpublicip.com
Auto
Proxied
2.4 Configure Cloudflare Proxy Settings
Ensure that the Proxy status is set to Proxied (orange cloud). This will route traffic through Cloudflare’s network, masking your real IP and providing additional security features like DDoS protection.
If you only want to pass traffic through Cloudflare without masking the IP, set the proxy status to DNS only (gray cloud).
2.5 Set Up Cloudflare Access (Optional but Recommended)
To add extra security, use Cloudflare Access to require a username and password to access the WebUI.
Go to Cloudflare Zero Trust (formerly Access) in your Cloudflare dashboard.
Create a new Application:
Application Name: MESH-AI WebUI
Application Type: Self-hosted
Domain: Set it to your subdomain (e.g., webui.yourdomain.com).
Configure the authentication options, such as Google or GitHub login, or set up a simple username/password authentication.
2.6 Update Firewall Settings (Optional)
You can further secure the WebUI by configuring a Firewall Rule in Cloudflare to restrict access to only certain countries or IP ranges.
Go to Firewall in the Cloudflare dashboard and create rules to block any malicious or unwanted traffic.
Step 3: Access the WebUI Securely
Once your port forwarding is set up and Cloudflare is protecting your WebUI, you can access it securely via the subdomain you created, such as:
https://webui.yourdomain.com
Cloudflare will handle the security and ensure your WebUI is hidden behind their firewall. If you enabled Cloudflare Access, you’ll need to log in with the authentication method you configured.
Conclusion
By following these steps, you've successfully forwarded the port for the MESH-AI WebUI and protected it using Cloudflare. This setup ensures that your WebUI is accessible securely over the internet, with additional protection against attacks and unauthorized access.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
How to Forward Ports for the WebUI and Protect It with Cloudflare
This guide will walk you through the steps to forward ports for the WebUI of Meshtastic-AI and protect it using Cloudflare. This is useful when you want to access the WebUI from outside your local network while keeping it secure behind Cloudflare.
Prerequisites
You have MESH-AI running on a local server (either a Raspberry Pi, VM, or other devices).
You have a Cloudflare account.
Your local server is accessible via a static IP address or a dynamic DNS (DDNS) setup.
You are comfortable accessing your router's configuration page.
Step 1: Forward Ports on Your Router
To access the MESH-AI WebUI from outside your local network, you must forward the necessary ports in your router. Follow these steps:
1.1 Find Your Local Server’s IP Address
First, find the IP address of the device running MESH-AI. If you're running it on a Linux-based system, you can use the following command to find the local IP address:
Note the IP address (e.g.,
192.168.1.100).1.2 Access Your Router’s Web Interface
Open a web browser and type your router's IP address (e.g.,
192.168.1.1or192.168.0.1).Log in with your router’s username and password.
1.3 Set Up Port Forwarding
Navigate to the Port Forwarding section of your router’s settings (this might be under Advanced Settings, NAT, or Firewall).
Add a new port forwarding rule:
External Port:
5000(This is the default port for the WebUI)Internal IP Address: The local IP address of the device running MESH-AI (e.g.,
192.168.1.100).Internal Port:
5000(This is where the WebUI is hosted on the server).Protocol: TCP/UDP (or just TCP, depending on your router).
Example configuration:
2.4 Configure Cloudflare Proxy Settings
Ensure that the Proxy status is set to Proxied (orange cloud). This will route traffic through Cloudflare’s network, masking your real IP and providing additional security features like DDoS protection.
If you only want to pass traffic through Cloudflare without masking the IP, set the proxy status to DNS only (gray cloud).
2.5 Set Up Cloudflare Access (Optional but Recommended)
To add extra security, use Cloudflare Access to require a username and password to access the WebUI.
Go to Cloudflare Zero Trust (formerly Access) in your Cloudflare dashboard.
Create a new Application:
Application Name:
MESH-AI WebUIApplication Type: Self-hosted
Domain: Set it to your subdomain (e.g.,
webui.yourdomain.com).Configure the authentication options, such as Google or GitHub login, or set up a simple username/password authentication.
2.6 Update Firewall Settings (Optional)
You can further secure the WebUI by configuring a Firewall Rule in Cloudflare to restrict access to only certain countries or IP ranges.
Go to Firewall in the Cloudflare dashboard and create rules to block any malicious or unwanted traffic.
Step 3: Access the WebUI Securely
Once your port forwarding is set up and Cloudflare is protecting your WebUI, you can access it securely via the subdomain you created, such as:
Cloudflare will handle the security and ensure your WebUI is hidden behind their firewall. If you enabled Cloudflare Access, you’ll need to log in with the authentication method you configured.
Conclusion
By following these steps, you've successfully forwarded the port for the MESH-AI WebUI and protected it using Cloudflare. This setup ensures that your WebUI is accessible securely over the internet, with additional protection against attacks and unauthorized access.
For any issues or further configuration, refer to the Cloudflare documentation or check the MESH-AI GitHub issues page.
Feel free to ask any questions or share your experience in the comments below!
Here is the guide formatted for a GitHub discussion post:How to Forward Ports for the WebUI and Protect It with Cloudflare
This guide will walk you through the steps to forward ports for the WebUI of MESH-AI and protect it using Cloudflare. This is useful when you want to access the WebUI from outside your local network while keeping it secure behind Cloudflare.
Prerequisites
Step 1: Forward Ports on Your Router
To access the MESH-AI WebUI from outside your local network, you must forward the necessary ports in your router. Follow these steps:
1.1 Find Your Local Server’s IP Address
First, find the IP address of the device running MESH-AI. If you're running it on a Linux-based system, you can use the following command to find the local IP address:
Note the IP address (e.g.,
192.168.1.100).1.2 Access Your Router’s Web Interface
192.168.1.1or192.168.0.1).1.3 Set Up Port Forwarding
Navigate to the Port Forwarding section of your router’s settings (this might be under Advanced Settings, NAT, or Firewall).
Add a new port forwarding rule:
5000(This is the default port for the WebUI)192.168.1.100).5000(This is where the WebUI is hosted on the server).Example configuration:
1.4 Save the Settings
Once you've added the port forwarding rule, save the changes. Now, your router should be forwarding requests on port
5000to your MESH-AI WebUI.Step 2: Set Up Cloudflare to Protect the WebUI
Now that you’ve forwarded the port, let’s protect the WebUI using Cloudflare, which will hide your server’s IP and add an extra layer of security.
2.1 Create a Cloudflare Account
2.2 Add Your Domain to Cloudflare
yourdomain.com).2.3 Create a Subdomain for the WebUI
Once your domain is active in Cloudflare, go to the DNS settings.
Add a CNAME record for your subdomain (e.g.,
webui.yourdomain.com).webuiExample DNS record:
2.4 Configure Cloudflare Proxy Settings
2.5 Set Up Cloudflare Access (Optional but Recommended)
To add extra security, use Cloudflare Access to require a username and password to access the WebUI.
Go to Cloudflare Zero Trust (formerly Access) in your Cloudflare dashboard.
Create a new Application:
MESH-AI WebUIwebui.yourdomain.com).Configure the authentication options, such as Google or GitHub login, or set up a simple username/password authentication.
2.6 Update Firewall Settings (Optional)
Step 3: Access the WebUI Securely
Once your port forwarding is set up and Cloudflare is protecting your WebUI, you can access it securely via the subdomain you created, such as:
Cloudflare will handle the security and ensure your WebUI is hidden behind their firewall. If you enabled Cloudflare Access, you’ll need to log in with the authentication method you configured.
Conclusion
By following these steps, you've successfully forwarded the port for the MESH-AI WebUI and protected it using Cloudflare. This setup ensures that your WebUI is accessible securely over the internet, with additional protection against attacks and unauthorized access.
For any issues or further configuration, refer to the [Cloudflare documentation](https://developers.cloudflare.com/) or check the MESH-AI GitHub issues page.
Feel free to ask any questions or share your experience in the comments below!
Beta Was this translation helpful? Give feedback.
All reactions