Avoiding changing nameservers

I’m looking into using Cloudflare, so I’m trying to set up the free tier on a small site. The instructions only talk about changing the domain’s nameservers to point to Cloudflare. This isn’t necessary and I will not do this. What is the alternative?

For Cloudflare it is necessary. If you dont do that you cant use Cloudflare.

You can sign up for our Business plan and then request support enable a cname setup instead.

2 Likes

I like that these two answers contradict each other :slight_smile:

Please let me know if Cloudflare fix this problem in the future.

They contradict each other, because you typically need to change the nameservers. Unless you are willing to pay $200 a month and sign up for a business plan, in which case you can use a CNAME setup. I did not suggest that as you specifically referred to free.

As it is not a problem, there wont be a fix either.

4 Likes

Clearly we have differing opinions as to the meanings of the words “problem” and “necessary”. And unless you are Matthew Prince I’m not sure how you can be so certain that Cloudflare will never improve their policy.

Were you asking about a feature or did you want to start an argument?

Yes, we obviously have different views as far as “problems” are concerned. And no, I wont give you a guarantee that Cloudflare wont ever abolish that requirement, but for the foreseeable future I am pretty confident they wont. If you want a definitive statement you can, of course, contact Matthew Prince personally :wink:

No one is sure of that, but as far as we know, have been told and have seen the name server change is necessary up to the Business plan because it requires specific configuration and costs them money to support it.

For free and almost free plans the only solution is to change them or go with a partner which support it due to different arrangements (not sure if any do, though, you will have to search and check).

1 Like

@sandro I was asking because I was hoping that the instructions pushing users towards changing the nameservers was just a default and that there was another less-advertised way to use Cloudflare without doing this.

Given that it appears there isn’t, I just want Cloudflare to be aware that this policy is putting people off using their service and may therefore be counterproductive. Obviously I don’t expect them to change their ways just for my benefit, but it would be rather surprising if I was the only person with a similar opinion.

No, I am afraid it is not just the default, it is a requirement unless you are on a Business or Enterprise plan.

As far as the requirement itself is concerned, that topic rarely comes up and people generally dont have an issue with switching nameservers, so I guess the vast majority does not have an issue with that.

From a technical perspective it certainly wouldnt be absolutely necessary to change nameservers but Cloudflare’s current architecture is designed that way and I honestly doubt they will change that in the foreseeable future.

Cloudflare’s DNS infrastructure is pretty stable, so my recommendation would be to switch over if you want to use Cloudflare. If there is any instability it probably rather is the web part than the DNS part on Cloudflare’s side.

Alternatively, you always have a business plan where you can use aforementioned CNAME setup, but I am not under the impression you’d like to shell out $200 every month. Right?

It’s not inconceivable that a service like Cloudflare might be worth $200/month to me in the future, but for today I was just looking to evaluate the service a little, and it appears that I cannot do that without putting in a much greater commitment in terms of time and change of operations than I am currently willing to do. This is surprising and disappointing. That’s all really!

Why would the nameservers be such a commitment? Cloudflare is pretty good at importing standard records and as long as you check that everything is there (either imported or manually added) you should have zero downtime. Overall I’d expect the entire DNS setup to take less than half an hour.

It’s missed about half the records - which is unsurprising since there’s no way it can possibly know what records anyone has unless they get us to set up AXFR permission first. But yeah, I wouldn’t expect it to take very long or to cause any downtime; the issues I have include (a) it wanting to take over the entire domain just to provide a service on one port on one name in that domain (what if some other random service on the domain decided they must also own the domain…), (b) I don’t know what limitations it has on its DNS service (e.g. record types, lengths), (c ) the state of the domain as recorded by Cloudflare and by the current nameserver will inevitably drift apart over time, leading to extra effort in the future if I want to remove Cloudflare again.

Basically rather than just the expected and simple operation of changing one or two records to point to Cloudflare, they’re asking me to open a big can of worms instead and give them complete control over the whole domain. I am very reluctant to do so.

1 Like

if you would like to evaluate Cloudflare and the CNAME setup for a short period of time, Sales might be able to do so. See https://www.cloudflare.com/lp/dns-a/ for the sales contact page (very bottom “contact us”).

I see what you mean, but pointing nameservers isn’t (shouldn’t :wink: ) be the method most sites will use to verify ownership of your domain. That is almost always done with a TXT record at the root if it’s just verifying ownership, changing nameservers is generally only done to verify ownership for a service that specifically aims to provide DNS and/or hosting.

See https://support.cloudflare.com/hc/en-us/articles/360017421192-Cloudflare-DNS-FAQ - there are some caveats, but it does extremely well for most DNS setups.

I see what you mean, changing the authoritative DNS does cause these issues. Would like to point to this article that allows you to export and import your DNS as you see in BIND format if you so wish.

Again your situation makes sense, Cloudflare provides CNAME setups for this reason but the creation and maintenance of this sort of setup cost Cloudflare time and money so the pricing is set up to reflect that.

If you’d like to simply evaluate Cloudflare with the above CNAME setup, feel free to contact sales with the first link :slight_smile: .

2 Likes

It’s possible at some point the policy could change (anything is possible right?). But my experience has been that a CNAME config generally results in more support calls to Cloudflare and that it potentially limits some of our automated mitigation tools. Both of those have an actual cost to Cloudflare in terms of manpower and hardware/bandwidth.

Is that true in every case? No, but when offering a service to millions the law of averages is a thing.

Overall a ‘full’ setup is easier to configure for customers and is generally more performant. There are certainly scenarios where it isn’t possible/practical to move DNS which is why we have the option available on the business and enterprise plans.

6 Likes

Well, if nothing else I’ve learned that Cloudflare has a very active and helpful support forum :slight_smile:

4 Likes

That I agree with! I may be a little biased…

Hmm there was a reply in this thread which said the cPanel plugin provided the requested functionality, but it seems to have mysteriously vanished. And the following API response doesn’t bode well for its efficacy: {"success":false,"errors":[{"code":1104,"message":"Partial zone signup not allowed"}],"messages":[],"result":null}

You’d need to be a Cloudflare partner to get this to work.

2 Likes

yes i did post that(post was removed by Cloudflare)… and it works.
You can see for this domain(afrosages.com) for instance has origin namservers but uses Cloudflare. Note that since it is not a full integration, you wouldn’t get all dns records routing through Cloudflare