Make apex domains work with Cloudflare for SaaS’s custom hostnames feature
i have a domain where i brought its DNS over to cloudflare (by using cloudflare’s nameservers) that i also have setup as a custom hostname with Cloudflare for SaaS. when i create a CNAME for the
www and point it at my CNAME target, everything works well (this is the specific hostname i am working on: https://www.photoactivemedia.com/). however, when i create a CNAME for @ and point that at the same CNAME target, i get a 530 (Error 1016 when the error page shows up: https://photoactivemedia.com/). i also tried creating a CNAME for the root to point it at the www version, but that didn’t work either. also, when i created a custom hostname for the apex domain in Cloudflare for SaaS, i got the error “custom hostname does not CNAME to this zone.”
if anyone has any idea what i’m doing wrong or how i can resolve this, i’d love to hear about it!20 Replies
, when i created a custom hostname for the apex domain in Cloudflare for SaaS, i got the error “custom hostname does not CNAME to this zone.”You need two things: A: Custom hostname for both www and apex B: Both www and apex to CNAME Directly to your cf for saas zone, not to
www or any shortcuts
You could always just not do your apex and plop a redirect on there as well within CF, it usually doesn't make sense to have both be cf for saas and you'd be using 2x the custom hostnames@Chaika thanks so much for the reply! re: A, that’s how i have it. re: B, as per the cf for saas instructions, i created a fallback origin (which uses 192.0.2.1) and then a “CNAME target” that CNAMEs to the fallback origin. are you saying i should CNAME apex and www to 192.0.2.1? or something else?
I'm saying both your root/apex should CNAME to the same target as your www
like this?
(i used
@ for the root CNAME, but cloudflare shows it as the full apex hostname)yup. Before it wasn't I understand? Cf For SaaS doesn't work well with indirect, has to be directly at
that was the first way i tried it, which seems to partially work, because cloudflare is at least handling the request with that record in place
you've got a redirect loop now. Looks like a page rule or a bulk/dynamic redirect rule on your
photoactivemedia.com zoneyeah i tried add a redirect rule
from apex to www
to see if that would help, but it created that loop
so i just disabled it
worth mentioning if
outlyne.io and photoactivemedia.com are in the same account they're allowed to point cross-zone same-account and it's going to result in semi-weird behavior until the cf for saas hostname takes
What does the Custom Hostname for photoactivemedia.com say now?same as before
and outlyne.io and photoactivemedia.com are in the same account
do you think i should create a separate account?
yea so ignore the http 530 it's giving you right now, cnaming same-account has special behavior
not necessarily just understand that behavior's a bit different/weird
if this was diff acct and it was still pending you'd be getting a cross-cf error page rn, not a 530
it's probably not checked yet, you could try deleting/readding to try to speed it up
just deleted and re-added and it still thinks that
custom hostname does not CNAME to this zone.if i recall correctly, when i CNAMEd the apex without the custom hostname, i was getting SSL errors from no cert but i’m not sure if i can verify that behavior / get back to how it was configured before
probably same-account cross-zone silliness
still same? Did you try clicking refresh? Just to sanity check I tested one on of my zones same-account and it said the same at first, ~30s later I refreshed and it was active
oh interesting! but yeah, same thing after refreshing.
I don't see anything else messy with your setup. If you wanted to try something else you could try what they do with non-cf apex's, which is: delete cname/a/aaaa records, readd custom hostname, add required ownership txt, wait for it to verify it in hostname status, and then add cname record.
Or you could just throw a redirect on there https://community.cloudflare.com/t/redirect-example-com-to-www-example-com-using-single-dynamic-redirects/636762 and try again with a diff testing domain later
ok i will try both, thanks so much for your help! if i could quickly summarize what seems to be the issue to make sure i understand: the DNS setup for the domain, including the root CNAME via CNAME flattening is fine and working correctly. however, the actual custom hostname record in cf for saas for the apex domain isn't working because it isn’t picking up the CNAME record for whatever reason, hence why my application isn’t getting invoked in the end for the apex domain.
including the root CNAME via CNAME flattening is fine and working correctly.only if using CF DNS
however, the actual custom hostname record in cf for saas for the apex domain isn't working because it isn’t picking up the CNAME record for whatever reason, hence why my application isn’t getting invoked in the end for the apex domainyup, it's not making the hostname active and grabbing traffic The way I view CF For SaaS espec when involved with another Cloudflare zone is that when the custom hostname configuration is active it's literally grabbing your traffic and forcing it down the cf for saas zone's path This isn't a typical setup where let's say you have nginx somewhere configured for specific hostnames. This is traffic reaches CF's normal proxy and normal traffic flow, and looking for a cf for saas hostname is part of that flow and then using that config
ok, i tried the redirect rule based on those instructions you sent and it works! this is great and solves the issue of duplicate content issues for SEO anyways. thanks again!