A client of ours has the domain client.com
Our application is at superapp.mycompany.com
We want the client to be able to access our application via their own subdomain, like: superapp.client.com.
Normally we'd just tell the client to add a cname for superapp and point it to superapp.mycompany.com. Then on our server (IIS) we'd bind their domain to our app and everything would work as intended.
However, we can't replicate this functionality when our mycompany.com domain is managed via cloudflare.
When we navigate to superapp.client.com we get the following error page:
Error 1001
What happened?
You've requested a page on a website (superapp.client.com) that is on the Cloudflare network. Cloudflare is currently unable to resolve your requested domain (superapp.client.com).
Is there any way that Cloudflare can be used in this fashion?, this seems like a pretty standard set up for a multi tenant application that supports custom domains.
We don't need all the protection that Cloudfront offers for these client domains, but we want to use the Cloudfront nameservers for out application (mainly for fast switching of DNS records in the event we migrate servers, etc).
Any help is appreciated.
I hope it's not too late. But just found a way to do so.
You just need to add your client's domain (Add site in Cloudflare) to your account.
You don't need to change client domain's NS. So in your Cloudflare panel this domain will showing as "Pending Nameserver Update".
Next step is add the CName record to this domain.
Although the NS of client domain is not changed to CF, but CF has a lookup record as CName for it.
Hope it helps.
Just in case someone arrived here with same issue as me. Here is the answer. For short, no that won't work.
Since Cloudflare is a reverse proxy for the domain that is on Cloudflare, the CNAME redirect for the domain (not on Cloudflare) wouldn't know where to send the traffic to.
Ref: https://support.cloudflare.com/hc/en-us/articles/360017421192-Cloudflare-DNS-FAQ#CloudflareDNSFAQ-CanICNAMEadomainnotonCloudflaretoadomainthatisonCloudflare
If you don't need the CDN benefits, you can still use Cloudflare nameservers to manage your DNS zone and keep your current configuration. Just make sure the CDN is deactivated for the target subdomain in your zone (superapp.mycompany.com in your case).
You can tell if the CDN is activated or deactivated for a subdomain by looking at the cloud icon on the right of each DNS entry: if the cloud is orange the CDN is active, if it is gray, it isn't.
Cloudflare also supports external CNAME resolution in their CDN infrastructure, but it's only available for its Enterprise customers:
https://support.cloudflare.com/hc/en-us/articles/217371987-Managed-CNAME
Related
I created Azure CDN Verizon Premium.
Endpoint Hostname: https://mysitename.azureedge.net
Origin Hostname: https://mysitename.com
Origin host header: 123.456.789.12 ( My Server IP )
My Server is: CentOS + Litespeed
DNS Provider: Cloudflare
Normally, I point to my server from CF DNS
A - # - 123.456.789.12
CNAME - www - mysitename.com
With these settings, I can access my site (NO proxied)
I wish to use Azure CDN for the root domain.
I don't like to use www.mysitename.com, But I like to use root/naked domain (mysitename.com)
So, I changed my DNS like this:
CNAME - # - mysitename.azureedge.net
CNAME - www - mysitename.azureedge.net
Thanks to CNAME flattering in Cloudflare
(This technic worked with QUIC.Cloud CDN - when I used their NODE URL on CF DNS)
NB: Quic.cloud is still in Beta - But a nice service - worth trying.
So, I used the same trick to have in Azure CDN (I don't know it'll work or not)
After I put the endpoint hostname in my browser, I get a 504 timeout error. As you know, Azure is NOT allowing an SSL certificate on the root domain.
So, how can I fix this trouble?
What do exactly I want
A dynamic CDN, Not the traditional URL mapping CDN.
Need to deliver the entire files & folder to edge locations (Verizon & Akamai Dynamic Delivery)
Why don't like to use URL mapping
The site on a root domain and CDN in a subdomain is possible.
Ex: site URL mysite.com & CDN URL: cdn.mysitename.com (currently I'm using this setup in few sites)
But, the real problem is:
the CDN URL will be quick, Files can be delivered. But, The Website root domain, still deliver from the origin server.
So, TTFB is delayed when users from India access the site hosted in the USA.
Did you find a solution?
Yes, Cloudflare & QUIC is the best solution for this, because they both work through DNS level.
Cloudflare asks us to point our domain to theirs NS and they deliver dynamically (if proxy is enabled)
Each country has better TTFB than, origin (I tested with CF)
But why am I not using Cloudflare?
Cloudflare has some SEO issues. I faced many times on many occasions. CF is fast but dropped my ranking suddenly.
Why I'm not using QUIC.Cloud?
I'm using Quic on some small sites. It works well.
QUIC works, by pointing CNAME to their NODE URL (Their DNS solution is on the way). The entire site will be delivered through its node.
But, It's still in beta and not capable to deliver my requirements always as I expected. Maybe they will fix small bugs asap.
Then, what do you want?
I need to deliver my entire site through CDN. so I can increase the TTFB in every location. CDN for the root domain is the solution (I think so)
CNAME to endpoint hostname will work?
is there I miss anything, in my DNS or Azure CDN setup?
You need to have your DNS managed in Azure, and then create an Alias record for the root domain, pointing to the CDN.
https://learn.microsoft.com/en-us/azure/dns/dns-alias
After that you will want the SSL certificate, it is allowed on root domain, but it's not managed by Azure and you need to upload it to the Key Vault and bind it through that.
https://learn.microsoft.com/en-us/azure/cdn/cdn-custom-ssl?tabs=option-2-enable-https-with-your-own-certificate
I have a domain name registered with GoDaddy, e.g., "mysite.com", and have followed the Azure instructions to map that domain's CNAME and A records to my Azure WebApp, i.e.,
I then updated GoDaddy's nameservers to point to cloudflare so cloudflare is now in charge of my DNS records, i.e.,
Within cloudflare I have SSL set to Full and the certificate appears to be active
and my DNS records in cloudflare pointing to my azurewebsites domain name, i.e.,
It has been over 36 hours since I updated the nameservers, but as you can see from cloudflares DNS records screenshot above (see Status), all traffic appears to be routing around cloudflare directly to Azure, i.e., I'm not hitting cloudflare. Putting domain mysite.azurewebsites.net in whatsmydns also shows everything pointing to Azure.
What have I missed in the setup to ensure all traffic routes through cloudflare?
Probably a little late but you need to click on that grey cloud icon in Cloudflares settings. The icon will then go orange and the traffic will be routed through Cloudflare.
CloudFlare appears to transparently replace all CNAME records to A, so this CNAME record is not visible for Azure. You have to change nameservers of your domain to its original ones (provided by GoDaddy in your case), add CNAME through GoDaddy DNS panel, wait for Azure to see it, approve domain in Azure, and only then migrate to CloudFlare.
I wanted to use CloudFlare for my website (hosted on Microsoft Azure).
I have added my domain to Cloudflare, and changed my domains nameservers to the ones I got from Cloudflare.
Furthermore, cloudflare imported my current DNS settings which are the following (my domain has been replaced with domain.com):
I thought the migration would go smoothly, however, when I go to www.domain.com I get the error:
The webpage at http://www.domain.com/ might be temporarily down or
it may have moved permanently to a new web address.
However, when I refresh a couple of times it finally loads the site.
If I go to domain.com (no www-prefix), I get the error:
domain.com’s server DNS address could not be found.
What could be going on?
For the first issue...if you are seeing inconsistent responses from your Azure Website, they you should raise an Azure support ticket.
For the second issue...try verifying the CLOUDFLARE DNS resolution via http://digwebinterface.com, both via a recursive DNS service and by querying against the CLOUDFLARE name servers directly. If the latter is working, there must be a problem in your DNS delegation (check name server settings with your registrar, try also a delegation validation service such as http://dnscheck.pingdom.com/). If the latter is not working, you'll need to take it up with CLOUDFLARE.
You need both # and www CNAME specified in your host records. Not just www.
the refresh is normal after you make a dns change. The browser keeps the dns lookup in cache, so if you visit the site on another browser you won't have to do a refresh. Just clear your browser cache when you want to see dns changes, but some edits could take 15min or longer to see changes.
I have about 300 domains using my company DNS ns1.x.com.br and ns1.x.com.br
I want to use CloudFlare with all those 300 domains but when I add a domain to CloudFlare they give me new DNS that I need to change in my domains.
So far I added 70 domains to CloudFlare and they gave me only 3 sets of primary and slave DNS.
So, can I point my ns1.x.com.br to the primary DNS provided by CloudFlare? And do the same with the slave?
After that I will create a ns3.x.com.br and point it to another CloudFlare DNS. Will it work?
CloudFlare works at the DNS level in this way:
You have to signup for CloudFlare and add the domain (make sure all of your DNS records are in your DNS zone file at CloudFlare).
You then change to our nameservers at the registrar.
Only our nameservers can be at the registrar.
"So, can I point my ns1.x.com.br to the primary DNS provided by CloudFlare? And do the same with the slave?
After that I will create a ns3.x.com.br and point it to another CloudFlare DNS. Will it work?"
These records should be in your CloudFlare DNS zone file for the site(s) on those nameservers. They can't be active at the registrar because only CloudFlare's nameservers can be there for our service to properly work.
Note: I'm not sure if you're providing commercial hosting for sites. If yes, you might want to look at becoming a CloudFlare Hosting Partner instead (you don't have to worry about changing nameservers).
Yes, you can. There is a possibility to add domain in the new name server first you need to know the domain secret of each domain(It's a 6 Digit pin maintained with your current DNS)Theft Protection pin also needed. Both are same in the ResellerClub.
If you are using ResellerClub means Its Really easy to change, Because it has a Bulk Domain Booking option. That have a option "add existing Domain" option.
If You have any other Problem. Or this not a exact answer you need, Then please chat with me. I will update the answer. Thank You...
From the looks of it the new Azure Websites Feature still does not support hosting them under a naked domain such as example.com instead of www.example.com. Am I missing something?
Azure Websites have now released support for naked domains. Websites that are run on Shared or Reserved instances does support naked domains through an A record. Domain management is available through the Azure management portal.
Update 2012-10-21:
I previously stated that free instances could rely on CNAME to redirect a subdomain to their free Azure-website, but this appear to be incorrect, at least at the moment. Doing a CNAME to your Azure-website will result in an HTTP 404, as reported by MemeDeveloper in his comment.
However, if you run your website on a Free instance, you are still limited to CNAME, so for those websites naked domains are not possible.
Update:
As MemeDeveloper suggest in his comment, there are web services you can use that will take your naked-domain example.com and redirect it to www.example.com for you. For your www subdomain you could then have a CNAME to your Azure-URL.
Not as clean as a simple A record that is available for your paid websites, but a workaround for your free sites.
The conversations above are a bit dated. This entry however, comes up at the top of the list when folks are hunting/searching for Azure Naked Domain support.I'd update the answer.
Azure now supplies an IP in shared and > plans, and you can configure a naked domain.
Check out the following articles for more info:
https://azure.microsoft.com/en-us/documentation/articles/web-sites-custom-domain-name/
http://blogs.msdn.com/b/waws/archive/2014/10/01/mapping-a-naked-url-to-your-azure-web-site-url-with-no-www.aspx
Azure does not support naked domain, because this requires to map definitively an IP address to the domain name. To map a naked domain name, you need a 1 record in the DNS. So, in this case, services like load balancing are more difficult to put in place.
Most registrars provide a way to redirect a naked domain request to another name, through HTTP redirect mechanism. For instance, you could redirect example.com to www.example.com.
There seems to be some confusion about this. I don't know what the deal with Websites is, but normal Azure Web Roles provide a virtual IP address that is guaranteed not to change unless you delete a webrole deployment.
You can bind a domain name A-record to that VIP, as described here.
In practice, that means that when I want to update my website, I have to do a staging deployment first; and then switch it with the production deployment, and finally delete the staging deployment. The only caveat that I've been aware of, is that you can't do this if you switch your endpoint configuration (not even names).
I'm currently looking if there are same kinds of guarantees for websites, but haven't found appropriate documentation yet.