Connection Principles
Problems with Traditional VPS
When using traditional VPS, you typically need to:
- Open ports โ Firewall settings to allow external inbound connections (22 for SSH, 80/443 for HTTP)
- Fixed IP or domain โ To know where to connect
- Handle DDoS protection โ Public services are vulnerable to attacks
- Manage SSL certificates โ HTTPS requires regular certificate renewal
This is too high a technical barrier for business owners.
RealVcoโs Solution: Cloudflare Tunnel
RealVco uses Cloudflare Tunnel (formerly Argo Tunnel) to solve these problems.
How It Works
You (Browser/Phone)
โ
โผ HTTPS
โโโโโโโโโโโโโโโโโโโโโโโ
โ Cloudflare CDN โ โโโ SSL termination, DDoS protection
โ (Global nodes) โ
โโโโโโโโโโโโโโโโโโโโโโโ
โ
โผ Encrypted tunnel
โโโโโโโโโโโโโโโโโโโโโโโ
โ Cloudflare Tunnel โ
โ (cloudflared) โ
โโโโโโโโโโโโโโโโโโโโโโโ
โ
โผ Outbound only
โโโโโโโโโโโโโโโ
โ Your VPS โ โโโ No inbound ports needed
โ (mVPS) โ
โโโโโโโโโโโโโโโKey Features
| Feature | Description | Benefit |
|---|---|---|
| Outbound-only | VPS actively connects out to Cloudflare | Firewall doesnโt need any inbound ports open |
| Encrypted tunnel | All traffic goes through encrypted tunnel | Cannot be eavesdropped or tampered with |
| CDN acceleration | 300+ global nodes | Fast connections, wherever you are |
| DDoS protection | Built-in Cloudflare protection | Protect your services from attacks |
| Auto SSL | Cloudflare manages certificates | No manual HTTPS setup needed |
What This Means for You
โ Security Improvements
- No public ports: Your VPS has no public inbound ports open
- Hidden real IP: External parties only see Cloudflareโs IP, not your VPS IP
- Automatic protection: DDoS attacks are absorbed by Cloudflare, not affecting your service
โ Convenience Improvements
- No domain setup needed: RealVco provides
*.realvco.comsubdomains - Automatic HTTPS: SSL certificates auto-renew, no expiration worries
- Global acceleration: Fast connections whether youโre in Taiwan, US, or Europe
โ Simplified Management
- No firewall setup: No need to configure iptables or UFW
- No port forwarding: No router or NAT configuration needed
- No certificate management: No Letโs Encrypt or SSL setup required
Technical Architecture
Inside Your mVPS
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Your mVPS โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Cloudflare Tunnel Agent โ โ โโโ Establishes outbound connection
โ โ (cloudflared) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โโโโโโโโโโโโโผโโโโโโโโโโโโ โ
โ โผ โผ โผ โ
โ โโโโโโ โโโโโโ โโโโโโ โ
โ โRoseโ โAda โ โVi โ โ โโโ 3 AI partners
โ โ:80 โ โ:80 โ โ:80 โ โ
โ โโโโโโ โโโโโโ โโโโโโ โ
โ โ โ โ โ
โ โโดโโโโโโโโโโดโโโโโโโโโโดโ โ
โ โ OpenClaw Gateway โ โ
โ โ (Port 8080) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โโโโโโโโโโโดโโโโโโโโโโโ โ
โ โผ โผ โ
โ โโโโโโโโโโ โโโโโโโโโโ โ
โ โAdmin โ โPublic โ โ
โ โPanel โ โPages โ โ
โ โโโโโโโโโโ โโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโAccess URL Mapping
| Service | Internal Port | Public URL |
|---|---|---|
| Admin Panel | 8080 | https://xxx-00.realvco.com |
| Rose | 18100 | https://xxx-1.realvco.com |
| Ada | 18200 | https://xxx-2.realvco.com |
| Vi | 18300 | https://xxx-3.realvco.com |
All URLs go through Cloudflare CDN for acceleration and protection.
Limitations and Considerations
โ ๏ธ Dependency on Cloudflare
- If Cloudflare service is interrupted, connections will be affected
- But your VPS local services continue running normally
- Can connect directly via SSH (if configured) for maintenance
โ ๏ธ Bandwidth Limitations
- Cloudflare Tunnel has no limit on HTTP traffic
- But large file transfers may be slower (through CDN)
- For large file transfers, use SFTP/SCP to connect directly to VPS
โ ๏ธ Geographic Limitations
- RealVco service is available globally
- But some countries/regions may not access Cloudflare (very few)