diff --git a/External-Webserver-use:-Reverse-proxy.md b/External-Webserver-use:-Reverse-proxy.md
index d1819aa..f953645 100644
--- a/External-Webserver-use:-Reverse-proxy.md
+++ b/External-Webserver-use:-Reverse-proxy.md
@@ -8,8 +8,14 @@ Main use-case for use with Plan is easier https set-up and removal of `:PORT` fr
 
 > :warning: **Limited support notice** :warning:  
 > If things on this tutorial don't work for you, consult documentation of your webserver. Very limited support will be provided for configuration issues of reverse-proxies.
->
-> There is a debugging checklist at the bottom of this article to help you figure out where the issue is when you're setting up.
+
+**Table of contents**
+
+- Nginx
+- Apache
+- Cloudflare
+- Password bruteforce -guard and whitelist support (X-Forwarded-For)
+- Debugging checklist
 
 # Nginx reverse-proxy
 
@@ -120,9 +126,43 @@ certbot certonly --apache -d plan.example.com
 
 After installing HTTPS on the Apache, you can [set up proxy settings for Plan](https://github.com/plan-player-analytics/Plan/wiki/SSL-Certificate-%28HTTPS%29-Set-Up#if-behind-a-proxy)
 
+# Cloudflare Reverse-proxy
+
+Credit to [**Person0z**](https://github.com/plan-player-analytics/Plan/issues/3365) for this section
+
+## Steps:
+1. Create a tunnel on [Cloudflare Zero Trust](https://dash.teams.cloudflare.com/).
+2. Get your tunnel token and set it into your VM.
+3. Map to http://localhost:8804.
+3. Done.
+
+## Step by step
+
+1. Go to [Cloudflare Zero Trust](https://dash.teams.cloudflare.com/).
+2. `Access` > `Tunnels` > `Create Tunnel`
+
+   <img src="https://user-images.githubusercontent.com/1336778/160877346-01fe89f0-b55d-4417-92f7-fe7509656255.png" width="800" />
+
+3. Type a `Tunnel name` such as `Plan` and save tunnel.
+4. Click the token to copy it.
+
+   <img src="https://media.discordapp.net/attachments/1180592860333092925/1185131651014070342/Screenshot_2023-12-15_020958.png?ex=658e7edc&is=657c09dc&hm=7efe29bed5b69db47137b05ae4856720b526495ecd9659e58f82f2b88491e2ec&=&format=webp&quality=lossless&width=861&height=605" width="800" />
+
+6. `Terminal` > Copy the code that Cloudflare gave you, or the install app, and paste it into terminal and activate it!
+7. Check if it installed successfully from the terminal output.
+8. Go back to `Cloudflare Zero Trust`, if you see your connector, then click `Next`
+
+    <img src="https://user-images.githubusercontent.com/1336778/160883516-66c059db-442d-4e2c-845a-c8eaf7a7f992.png" width="800" />
+
+9. Choose your favorite domain name and map to `http://localhost:8804`
+
+    <img src="https://media.discordapp.net/attachments/1180592860333092925/1185130958513516544/Screenshot_2023-12-15_020711.png?ex=658e7e37&is=657c0937&hm=c6544802403bb9eb8a1843d632423cfe19a66278779d786417a24fc1550b7f79&=&format=webp&quality=lossless&width=1154&height=315" width="800" />
+
+10. Click `Save` and go to your domain name `https://<your domain name>` and done!
+
 # Password bruteforce -guard and whitelist support (X-Forwarded-For)
 
-To keep stuff that relies on IP of the requester functional behind reverse-proxy.
+To keep stuff that relies on IP of the requester functional behind reverse-proxy. This may not be supported by Cloudflare.
 
 - Make sure reverse-proxy is passing request IP in `X-Forwarded-For` header
 - Make sure Plan can't be accessed without connecting through reverse proxy