What is the name of the domain?
What is the error number?
1004
What is the error message?
DNS Validation Error (Code: 1004) DNS name is invalid.
What is the issue you’re encountering
I’ve been using bluehost for my website. Today I was chatting with a rep and found out that cloudflare was now hosting my site. I made an account, and have been trying to add a DS record in cloudflare as the DNSSEC has not been enabled. My website has been down for almost a week and I need it back up ASAP. I’ve read articles saying you don’t have to do anything and I read cloudflare articles saying you need to add the records. I haven’t been able to get a straight answer since it seems like cloudflare doesn’t have support reps to talk too. I need guidance. Thanks in advance!
What feature, service or problem is this related to?
DNSSEC
I should’ve added, I tried add the DNSSEC key info such as algorithm, digest, etc. I added the DS Record in the name position when adding the dns record.
You don’t add DS records in Cloudflare, but with your registrar (Bluehost). Cloudflare only provides the DS record that you need for your registrar.
If you have a look here, you can see that Bluehost have a long tradition of problems with DNSSEC: https://community.cloudflare.com/search?q=bluehost%20dnssec
If you can’t manage to disable DNSSEC at Bluehost or update the DS record there, I would recommend that you transfer your domain to a new registrar.
2 Likes
Thanks for the insight. I reached out to Bluehost about this already and they told me I need to do it on cloudflare side. I’m not sure if you know this or not but if I need to add a record to bluehost, how would I do this since I dont have access to the those DNS records? I asked them earlier and they said I can’t because I updated the nameserver. Could/Should I undo the nameserver add the record then revert?
Yes, that’s the same thing they say every time and it makes no sense. If you use their nameservers, then you also need to use their DS records, which they can set automatically.
You only need to change the DS record when you use other nameservers. So Bluehost telling you that you can’t update the DS records because you are using other nameservers is just hilarious.
You can try that.
I’ve been in contact with Bluehost’s “escalated support” since friday for them to add the DS record. I sent them the info they said they needed to add the record, but apparently the “digest type value is invalid” I took a screen shot of the all the info for the DS record to setup the DNSSEC. I just received an email a few moments ago Bluehost ago saying they had the say issue saying " I kindly request you to contact Clouflare and confirm the validity of the information to be updated.", I’m not sure what I can do at this point?
Did that not work? I know it did for some others.
I would still recommend finding a different registrar.
It did to a point, it worked to turn off the DNSSEC but I didn’t see an option to add a DS record. I messaged there support thursday night and they told me they couldn’t do that but escalated it for them to do it!
I definitively want to but I cant afford another week or longer with my site down. Ive already lost a week and a half before thursday and wasnt even informed what my issue was. Do you have an opinion what would be the easiest/best option to switch registrar’s?
Well, at least your site is working now with DNSSEC disabled. It’s not optimal, but I wouldn’t say it’s a huge issue either (temporarily).
Your site is working now, and I don’t see why it should stop again.
Not really. I’m not going to recommend registrars that I haven’t tried myself, and I’m not entirely happy with the ones I did try.
My homepage is working but if you go to another page it doesn’t open, which I find weird!
No worries, I appreciate the honesty, I’ve been thinking about namecheap.
That is not related to DNSSEC.
Can you check that you are using the Full (strict) SSL option? This often happens because you use Flexible.
Thank you! I was on flexible, does it take some time to fix the issue? I’m asking because I checked a few minutes after switching and same thing homepage works, other pages don’t.
Sadly, that change happens immediately.
Can you change the DNS records for your website to DNS-Only for a few minutes? That would tell us whether the problem is on Cloudflare or with your server configuration.
How would I go about doing that?
You can either edit the DNS records and change the proxy status to DNS-Only (https://dash.cloudflare.com/?to=/:account/:zone/dns/records) or you can click the “Pause Cloudflare” Button that is hidden on the bottom-right of the overview page.
So, I paused it with the same results. So that would mean its not cloudflares issue?
It’s not paused yet from what I can see. But it might take a few minutes. Editing the DNS record to DNS-Only should be faster.