Domain Propagation

Hello, I use cloudflare nameservers that links back to GoDaddy domain. Recently my server had an IP address change and I updated the A and WWW records to reflect the new IP address. It has been around 24hrs now but I am still unable to access my website using the domain name. Does it usually take so long for the IP address records to be updated?
10 Replies
Chaika
Chaika8mo ago
If they're proxied you're just depending on internal propogation which is usually within 30 seconds or so. If it's not proxied, depending on ISP DNS Resolver caching and such which could be longer. What's the domain?
zning
zningOP8mo ago
I believed it's proxied. nuspace.sg
Chaika
Chaika8mo ago
I get a redirect loop. If you go to the Cloudflare dashboard, and then websites -> click on your website, under SSL/TLS -> Overview, change the SSL Encryption mode to "Full (Strict)" if it's not already. Magic link: https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls
zning
zningOP8mo ago
Omg that solved it! Could u share with me what was the cause earlier?
Chaika
Chaika8mo ago
Flexible, which is I assume it was set to before, makes Cloudflare send HTTP (plaintext) requests to your origin/web server. Lots of configurations these days by default redirect to HTTPS (secure), but that redirect is just proxied back to the visitor, Cloudflare doesn't follow it, so you end up with Visitor -> HTTPS -> Cloudflare -> HTTP -> Origin -> Redirect .. and again, and again where now it's Visitor -> HTTPS -> Cloudflare -> HTTPS (Encryption Mode) -> Origin
zning
zningOP8mo ago
I see. When it was flexible and using the previous IP address, it was okay. Why would a change in IP address break it?
Chaika
Chaika8mo ago
It wouldn't, something else changed along with it. If GoDaddy transferred you to another server, the new server just had http redirects enabled on it You really should never use Flexible to begin with, always Full (Strict), so if anything it just helped you fix that
zning
zningOP8mo ago
A blessing in disguise indeed. I also wanted to ask, I'm trying to have another server serving another website on the same domain but on a different port. For me to make the other website HTTPS, do I use certbot as well on the other server machine? My thinking is that I can only authenticate one SSL cert per domain and I shouldn't be using another server to authenticate another SSL cert.
Chaika
Chaika8mo ago
There are limits with certbot/let's encrypt but they are way more then just 1 https://letsencrypt.org/docs/rate-limits/
The main limit is Certificates per Registered Domain (50 per week).
If you are going to have it proxied behind Cloudflare, you could use Origin Certificates too https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/, under SSL/TLS -> Origin Server. They are trusted by Cloudflare's Proxy and can last up to 15 years
zning
zningOP8mo ago
Alright. I'll look into those. Would having a same domain served by 2 different servers and having different SSL certs affect the domain?
Want results from more Discord servers?
Add your server