Cloudflare for SaaS with apex proxying without enterprise plan?
Hi, I've been excited about bringing our SaaS over to Cloudflare for a while, today I finally started digging in and I found this:
https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/start/advanced-settings/apex-proxying/
Apex proxying is an enterprise only feature. This is a deal breaker because most customers want to point their entire root domain to us...
Right now we have a VM with https://caddyserver.com/ on a docker container managing SSL certs for custom domains via letsencrypt. It works great for that.
Is there a known workaround to using Cloudlfare CDN / DDoS protection / bot mitigation / etc, while still letting customers point apex domains to us? Without having to shell out $5k/month on enterprise, that is. Some kind of mix of using Caddy + Cloudflare perhaps?
Cloudflare Docs
Apex proxying · Cloudflare for Platforms docs
Apex proxying allows your customers to use their apex domains (example.com) with your SaaS application.
Caddy Web Server
Caddy - The Ultimate Server with Automatic HTTPS
Caddy is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go
5 Replies
Okay guys, thank you
I sent them a message
though even 1.5k is out of reach for us so I don't have muc h hope
iirc can't you point apex to cf for saas as long as the dns provider supports cname at apex/flattening?
of course if their dns provider doesn't support that, out of luck
yeah I actually found a way to go about this
for customers with DNS providers that don't support apex cnames, we'll set up a small redirect server outside of CF with its own SSL termination to catch and 301 redirect to subdomain
and we'll force customers to use www subdomains
🤷‍♂️
actually, while I'm talking about this
if the redirect server is there just to catch customer.com and 301 redirect to www.customer.com (which is gonna be on CF), is there a point in having an SSL cert for customer.com on the redirect server?
@Chaika fwiw, i have a domain where i brought its DNS over to cloudflare (by using cloudflare’s nameservers) that i also have setup as a custom hostname with Cloudflare for SaaS. when i create a CNAME for the
www and point it at my CNAME target, everything works well (specifically: https://www.photoactivemedia.com/). however, when i create a CNAME for @ and point that at the same CNAME target, i get a 530 (Error 1016 when the error page shows up: https://photoactivemedia.com/). i also tried creating a CNAME for the root to point it at the www version, but that didn’t work either. also, when i created a custom hostname for the apex domain in Cloudflare for SaaS, i got the error “custom hostname does not CNAME to this zone.”
if anyone has any idea what i’m doing wrong or how i can resolve this, i’d love to hear about it!make your own thread pls