CloudFlare Tunnel is a really useful feature that lets you host web applications on the Internet without exposing your server. Instead of opening ports and configuring firewall rules, CloudFlare Tunnel creates a secure outbound connection from your server directly to CloudFlare’s network. The best part? You don’t even need a public IP address. Your server connects to CloudFlare, and CloudFlare handles all incoming requests on your behalf. It’s a simple, elegant solution that significantly improves your security posture.
If you’ve gone through CloudFlare’s dashboard to create a tunnel, they recommend running cloudflared as a system service. The instructions seem simple enough: add the CloudFlare repository, install the cloudflared package, then run
sudo cloudflared service install
What if you accidentally install cloudflared on the wrong machine? Maybe you meant to install it on your web server A, but you ran the commands on a different server B instead. You will end up with an active connector, but it will fail with a 502 Gateway Error. Why? Because CloudFlare is trying to reach your web application on server B, but the application is actually on server A.
If, like me, you continued to install cloudflared on the correct server A, you would end up with multiple Connectors to both servers A and B, and worse, your web application will work half the time.
Unfortunately, CloudFlare’s documentation doesn’t explain how to remove a connector. But it’s actually quite simple on Debian and Ubuntu systems.
If you want to temporarily stop and disable the cloudflared service, run
sudo systemctl stop cloudflared
sudo systemctl disable cloudflared
To complete uninstall cloudflared (works on all OSes), run
sudo cloudflared service uninstall
Optionally, you can also delete the cloudflared repo by doing:
sudo rm /etc/apt/sources.list.d/cloudflared.list
That’s it. The connector is now completely removed from your system, and you’re ready to install it on the correct machine.