Changed CNAME to point to a new site early yesterday. Not going live

Website, Application, Performance
1

What is the name of the domain?

nortec.com.au

What is the error message?

nortec.com.au redirected you too many times.

What is the issue you’re encountering

CNAME change from nortec.tempurl.host to nortec2025.tempurl.host in CF DNS

What steps have you taken to resolve the issue?

Verified with WPMUDEV that everything is right at their end.
Checking for CNAME propagation at DNSCHECKER - None at all. Ditto Whatsmydns
These are the changes I made
CNAME nortec.com.au nortec2025.tempurl.host Proxied Auto
CNAME www nortec2025.tempurl.host Proxied Auto

Normally changes take minutes or hours, not days.
Have I missed something

2

Curiously WPMUDEV told me to set the SSL/TLS to off until the DNS is resolved. Which I did.
I have now set it back to Full (Strict) as per other cases.
Now getting error 526 Invalid SSL certificate.

To make thing clear - everything worked fine - the only chage I meade was to change the cname from nortec.tempurl.host to nortec2025.tempurl.host

3

This is often due to inappropriate SSL/TLS Encryption Mode selection (per the origin SSL certificate status).

But your site works fine for me now (no redirection error) so I guess the problem is now resolved.

As the hostnames nortec.com.au and www.nortec.com.au are Proxied :orange:, they’ll always return A records with Cloudflare’s Proxy IP addresses and you’ll never see the actual CNAME record. If you need to see the CNAME target, you’ll need to change “Proxy Status” to DNS Only :grey:.

But note that doing this completely disables all Cloudflare proxy services (CDN, WAF, SSL, etc) for the hostname(s) in question. So perhaps you’ll only do this for testing purposes. Even thing, I’d pause Cloudflare instead: https://developers.cloudflare.com/fundamentals/setup/manage-domains/pause-cloudflare/

Full (Strict) requires a valid CA-issued certificate at the origin. This is why you were seeing this new error message and code.

4

HI George - thank you for responding.
I am not sure which site you are seeing - the new site nortec2025.tempurl.host or the old site nortec.tempurl.host. I am getting the SSL certificate error - but this is a symptom. WPMUDEV will set up an SSL certificate once the DNS is correct

image
image992×254 11.5 KB

WPMUDEV is not tracking Cloudflare as giving the correct DNS pointing to nortec2025.tempurl.host.

It’s now been over 30 hours, and no DNS checks have reflected any changes - including when I check against Cloudflare.

Appreciate any other advice you may have

5

With the help of WPMUDEV support, this is how it was resolved. Not sure if this was the best way - but it worked. I have listed the below for anyone else who might encounter the same issue

  • I purged all the Cloudflare caches but that didn’t help.
  • Then I enabled the Development mode on Cloudflare and that fixed the issue.
  • That API URL then returned the new hosting TEMP URL and that is “nortec2025”. As a result, the system updated the DNS Status.

So, it was Cloudflare cache that was causing the issue and this is the first time I faced this issue.

  • Usually that API URL shouldn’t be cached. I suspect there could be a rule present on Cloudflare that cached that specific API URL.
  • While troubleshooting, I changed the DNS records from CNAME to A and AAAA and allowlisted some IPs on the Cloudflare WAF Tools. You can ignore those. I have also changed the SSL mode to “Full (Strict)” now and disabled the development mode.
6

This topic was automatically closed after 15 days. New replies are no longer allowed.