Add non-HTTP applications
You can secure non-HTTP applications by connecting your private network to Cloudflare. Users reach the application by installing the Cloudflare WARP client on their device and enrolling in your Zero Trust organization. Remote devices will be able to connect to your applications as if they were on your private network. By default, all devices enrolled in your organization can access the application unless you build policies to allow or block specific users.
For a comprehensive overview of how to connect a private network, refer to our implementation guide:
To connect to an application over a specific protocol, refer to these tutorials:
- Connect over SSH with WARP to Tunnel
- Connect over SMB with WARP to Tunnel
- Connect over RDP with WARP to Tunnel
Cloudflare can render certain non-web applications in your browser without the need for client software or end-user configuration changes. Cloudflare currently supports rendering a terminal for SSH and VNC connections in a user’s browser.
To enable browser rendering:
- In Zero Trust, go to Access > Applications.
- Locate the SSH or VNC application you created when connecting the server to Cloudflare. Select Configure.
- In the Policies tab, ensure that only Allow or Block policies are present. Bypass and Service Auth are not supported for browser-rendered applications.
- In the Settings tab, scroll down to Additional settings.
- For Browser rendering, choose SSH or VNC.
- Select Save application.
When users authenticate and visit the URL of the application, Cloudflare will render a terminal in their browser.