Cannot enable wildcard for custom hostname

I'm trying to build a worker acting as a reverse proxy, and am using custom hostnames and Cloudflare for SaaS / SSL/TLS to do this. I'd like to route all traffic from customer domain *.customer.com to my worker, hosted on proxy.locadapt.com. However, I don't see an option to enable wildcards — any suggestions?
No description
16 Replies
Chaika
Chaika3mo ago
Wildcard Custom Hostnames are an Enterprise only feature: https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/plans/
Cloudflare Docs
Plans | Cloudflare for Platforms docs
Learn what features and limits are part of various Cloudflare plans.
Mythaar
MythaarOP3mo ago
Oof OK I missed that, thank you @Chaika ! Would you know by chance how "enterprise" you have to be to get the Enterprise billing? This is for a student startup, not sure if they work with smaller orgs.
Chaika
Chaika3mo ago
Enterprise is very piecemeal/you get & pay for what you ask for, but there is a base/min cost of a few thousand/month
Chaika
Chaika3mo ago
CF does have stuff for startups: https://blog.cloudflare.com/startup-program-250k-credits/ which include enterprise plans
The Cloudflare Blog
Startup Program revamped: build and grow on Cloudflare with up to $...
Cloudflare’s Startup Program now offers up to $250,000 in credits for companies building on our Developer Platform. The program relaunch uses clear and predictable credits so that you can easily see how usage impacts future pricing.
Mythaar
MythaarOP3mo ago
Great thank you for this information! I'll look into the program and migrate elsewhere if it doesn't work out. Sorry to bug you again but literally the only thing I'd need this for is to prevent a cross-user banned error à la https://es.simonilincev.com/. Would you by chance know of any alternate ways of proxying client domains to a Cloudflare site?
Chaika
Chaika3mo ago
I'm assuming it's not an option to just add subdomains as custom hostnames as they use them? You'd just have to add the es subdomain Other then that, if they're using Cloudflare on their site, you could use a worker with a wildcard proxying requests to your site. Otherwise, Business or higher can be used with CNAME setups, you add their base simonilincev.com as a cname biz or higher partial zone, and then for each subdomain they want to use, you have them cname to a specific cloudflare.net subdomain and configure the record on their end
Mythaar
MythaarOP3mo ago
Hmm I mean I could add subdomains as custom hostnames like you suggested on a piece-by-piece basis, yes. However it'd be a huge pain for the customers — if they have like 20 languages, would have to setup 20x TXT and CNAME records, plus we get charged 10c/mo for each (less of an issue).
Otherwise, Business or higher can be used with CNAME setups, you add their base simonilincev.com as a cname biz or higher partial zone, and then for each subdomain they want to use, you have them cname to a specific cloudflare.net subdomain and configure the record on their end
This sounds a bit more promising but would require similar piece-wise work for each subdomain? Many thanks for your support, every response saves me like 1 hr of research 🙏
Chaika
Chaika3mo ago
Hmm I mean I could add subdomains as custom hostnames like you suggested on a piece-by-piece basis, yes. However it'd be a huge pain for the customers — if they have like 20 languages, would have to setup 20x TXT and CNAME records, plus we get charged 10c/mo for each (less of an issue).
You can skip prevalidation, just do cname + http validation, they just add cname and wait. Would incur more downtime compared to prevalidation though if they were already using the domain
require similar piece-wise work for each subdomain?
yup actually funny quirk with the business cname setup, you can't use that if the root domain dns is already on Cloudflare simonilincev.com is on Cloudflare (porkbun uses them for their default dns) so wouldn't work, they'd have to switch to a different external dns for that to work, I know someone who got hit with that before
Mythaar
MythaarOP3mo ago
You can skip prevalidation, just do cname + http validation, they just add cname and wait. Would incur more downtime compared to prevalidation though if they were already using the domain.
Alright might just go with this then, good to stay with the Cloudflare ecosystem. I suppose I could have the customers set up the CNAME wildcard, then assuming the ("automatic" API created custom hostname) matches for the wildcard subdomain, things should work?
Mythaar
MythaarOP3mo ago
Would the HTTP pre-validation be required as well then? From here: https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/ I was under the impression it's either / or.
Cloudflare Docs
Hostname validation | Cloudflare for Platforms docs
Before Cloudflare can proxy traffic through a custom hostname, we need to verify your customer’s ownership of that hostname.
Mythaar
MythaarOP3mo ago
Hmm I'll try to go with your first suggestion then, as Cloudflare becomes more and more successful / already being used a lot this could cause frequent issues — great to know.
Chaika
Chaika3mo ago
Alright might just go with this then, good to stay with the Cloudflare ecosystem. I suppose I could have the customers set up the CNAME wildcard, then assuming the ("automatic" API created custom hostname) matches for the wildcard subdomain, things should work?
You could have them wildcard cname to your zone and then add the invidiual subdomains you want yea, wildcards are kind of messy and can lead to confusions though, and would result in returning ugly errors for unused subdomains (either cname cross user banned or ssl no cypher found if missing wildcard ssl cert/not on cf) pre-validation isn't required, as in the name it's just meant to validate traffic before pointing to lower downtime. You can just go with the super simple cname real-time validation and http cert validation, and do nothing more then point the cname & wait
Mythaar
MythaarOP3mo ago
Sounds good, I'll explore this option then. Cheers! Thank you!!!
Mythaar
MythaarOP3mo ago
Simon Ilincev
Simon Ilincev
Full-stack Golang & TypeScript developer interested in server-side web development and automation.
Mythaar
MythaarOP3mo ago
Even with meta tags and whatnot 😎
Mythaar
MythaarOP3mo ago
サイモン・イリンツェフ
サイモン・イリンツェフ
サーバーサイドのウェブ開発と自動化に興味を持つフルスタックのGolang & TypeScript開発者。
Want results from more Discord servers?
Add your server