My research lab is given a subdomain by the university, but because we deploy our lab website using Cloudflare Pages, it’s easier for us to manage our DNS records instead of trying to communicate these changes with our university IT.
Here’s an approximation of our setup:
# We own this domain and already have it on CF labwebsite.org # The domain the website is deployed on via CF Pages # (labwebsite.org CNAME labwebsite.pages.dev at the moment) labwebsite.pages.dev # The university issued this subdomain for the lab labwebsite.department.university.edu
- All traffic to
labwebsite.org, ideally keeping subdomains (relative to
labwebsite...edu) and pathnames. (So
- All of this should be accomplished while retaining HTTPS (I don’t think we need it, other than to be compliant with the latest web standards since it’s a static site with no user accounts/other personally identifiable data being exchanged).
Have university IT set
labwebsite.org, this threw a CF Error 1001, which based on this forum post [
error1001-post] and this help doc [
error1001-docs] directed me to do what I describe below.
error1001-post: https://community.cloudflare.com/t/how-can-i-fix-this-error-1001-issue/260054/6 error1001-docs: https://support.cloudflare.com/hc/en-us/articles/360029779472-Troubleshooting-Cloudflare-1XXX-errors#error1001
labwebsite...eduvia “Add a Site”, but I get the following error:
Please ensure you are providing the root domain and not any subdomains (e.g.,
While this error is sensible (and clearly conveys that subdomains can’t be added), the university IT setup NS records for
labwebsite.department.university.edupointing to (anticipated) CF nameservers, so it should be treated like a root domain (as far as I understand, since queries to
labwebsite...edushould be directed to CF’s nameservers.
I’ve also asked university IT to do something akin to CF’s “Redirect Rules”, but they don’t seem to know how to do this other than via
CNAMErecords. However, because of Error 1001, this won’t work. Previously we used Netlify to deploy the website and the following error appears when anyone tried to visit
labwebsite...edu(deployed via Netlify instead of CF Pages) gets the follow error on Chrome/Firefox/Safari:
Your connection is not private
Attackers might be trying to steal your information from
labwebsite.department.university.edu(for example, passwords, messages, or credit cards). Learn more
I assume this would also apply for the current setup if CF didn’t throw Error 1001.
- Is there any way to add
labwebsite...eduto CF as if it were a root domain? The
university.eduare definitely registered and properly configured, so I’m not adding a fake domain or anything like that. (Though I’m not sure this is why CF issues the error I mentioned earlier.)
- If ^ isn’t possible – is there a typical way to do this using DNS/other redirect rules?
- If there isn’t a typical way using this, what would be “good” next steps? Currently, I’m thinking of setting up a server with the university that runs NGINX/Traefik and does these redirects for us, or setting up a static page that basically does this with
window.location = "..."and letting people know they should be doing to
- I provided university IT with “anticipated” nameservers that match my prior experience with CF – nameservers seem to vary across accounts, not sites.
- I expect
NET::ERR_CERT_COMMON_NAME_INVALIDwould be thrown if CF didn’t throw Error 1001 because when visiting
labwebsite.pages.dev, I see that CF issues certs specifically for