My research lab is given a subdomain by the university, but because we deploy our lab website using Cloudflare Pages, it’s easier for us to manage our DNS records instead of trying to communicate these changes with our university IT.

Here’s an approximation of our setup:

# We own this domain and already have it on CF
labwebsite.org
# The domain the website is deployed on via CF Pages 
#   (labwebsite.org CNAME labwebsite.pages.dev at the moment)
labwebsite.pages.dev
# The university issued this subdomain for the lab
labwebsite.department.university.edu

Desired outcomes

• All traffic to labwebsite.department.university.edu forwards/redirects to labwebsite.org, ideally keeping subdomains (relative to labwebsite...edu) and pathnames. (So *.labwebsite...edu forwards to *.labwebsite.org, labwebsite...edu/* forwards to labwebsite.org/*, and *.labwebsite...edu/* forwards to *.labwebsite.org/*).
• All of this should be accomplished while retaining HTTPS (I don’t think we need it, other than to be compliant with the latest web standards since it’s a static site with no user accounts/other personally identifiable data being exchanged).

My latest attempts to achieve these outcomes

1. Have university IT set labwebsite...edu to CNAME labwebsite.org, this threw a CF Error 1001, which based on this forum post [error1001-post] and this help doc [error1001-docs] directed me to do what I describe below.

   error1001-post: https://community.cloudflare.com/t/how-can-i-fix-this-error-1001-issue/260054/6
   error1001-docs: https://support.cloudflare.com/hc/en-us/articles/360029779472-Troubleshooting-Cloudflare-1XXX-errors#error1001
   

2. Adding labwebsite...edu via “Add a Site”, but I get the following error:

   Please ensure you are providing the root domain and not any subdomains (e.g., example.com, not subdomain.example.com)

   While this error is sensible (and clearly conveys that subdomains can’t be added), the university IT setup NS records for labwebsite.department.university.edu pointing to (anticipated) CF nameservers, so it should be treated like a root domain (as far as I understand, since queries to labwebsite...edu should be directed to CF’s nameservers.

3. I’ve also asked university IT to do something akin to CF’s “Redirect Rules”, but they don’t seem to know how to do this other than via CNAME records. However, because of Error 1001, this won’t work. Previously we used Netlify to deploy the website and the following error appears when anyone tried to visit labwebsite...edu (deployed via Netlify instead of CF Pages) gets the follow error on Chrome/Firefox/Safari:

   Your connection is not private

   Attackers might be trying to steal your information from labwebsite.department.university.edu (for example, passwords, messages, or credit cards). Learn more

   NET::ERR_CERT_COMMON_NAME_INVALID

   I assume this would also apply for the current setup if CF didn’t throw Error 1001.

Questions

1. Is there any way to add labwebsite...edu to CF as if it were a root domain? The department.university.edu and university.edu are definitely registered and properly configured, so I’m not adding a fake domain or anything like that. (Though I’m not sure this is why CF issues the error I mentioned earlier.)
2. If ^ isn’t possible – is there a typical way to do this using DNS/other redirect rules?
3. If there isn’t a typical way using this, what would be “good” next steps? Currently, I’m thinking of setting up a server with the university that runs NGINX/Traefik and does these redirects for us, or setting up a static page that basically does this with window.location = "..." and letting people know they should be doing to labwebsite.org instead.

Assumptions:

• I provided university IT with “anticipated” nameservers that match my prior experience with CF – nameservers seem to vary across accounts, not sites.
• I expect NET::ERR_CERT_COMMON_NAME_INVALID would be thrown if CF didn’t throw Error 1001 because when visiting labwebsite.org or labwebsite.pages.dev, I see that CF issues certs specifically for labwebsite.org and *.labwebsite.pages.dev, respectively.

Yes. You can use a partial CNAME setup for subdomains on a Business plan or higher.

CNAMEs are not redirects. They just map aliases to canonical names. If your host has a canonical name of robert and you give it the alias of bob by creating a CNAME, traffic will be sent to robert but he still needs to know that he is supposed to answer to bob.

You manage redirects via HTTP not DNS. You can think of a redirect as a separate instance running at bob that tells visitors to go see robert. You are on the right track to one possible solution with your idea of standing up a web server to handle the redirect. I am not sure why you are considering using window.location = "..." rather than simply placing your HTTP redirect in the site configuration.

This assumption is not correct. While you often get the same nameserver pair, it can vary by site, and you should not add any namservers until you are told by Cloudflare which ones to use with your site.

You should be able to this without having the domain on Cloudflare at all. Use the Custom Domain feature of Pages.

If you are deploying to a subdomain, it is not necessary for your site to be a Cloudflare zone.

I was thinking the same thing, too, but I didn’t think adding the labwebsite.department.university hostname to the custom domains would help with the goal of encouraging the use of the preferred labwebsite.example.org. Can you perform a redirect to a specific hostname using Pages?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.