Cloudflare DNS & Plesk DNS - Turn off Plesk DNS?

I have asked this question before but never quite got answer we needed,
and now we see some weird Plesk error notices. :slight_smile:
Did not see any answers that involved Plesk Obsidian

We have a dedicated server running Plesk Obsidian 18.36
We have domains & subdomains on the hardware server, ALL running Wordpress with the Cloudflare plugin

We have ALL domains routed through cloudflare - 2 on the Pro Plan

Most of the domains were actually registered through Cloudflare and
ALL the domains use Cloudflare as the PRIMARY DNS for the domain
(those domains with other registrars like whois.com set to Cloudflare name servers)

Currently, on Plesk, the Plesk DNS is ENABLED/ON as a master
BUT
Since the last Plesk upgrade, we have been getting these crazy Plesk error notices
telling us to set your domain (ns) name servers - at the registrar - to PLESK server and your sites will come up

Naturally, doing that would bypass Cloudflare.

But we are again wondering if we should
disable Plesk DNS
or
set it as a “slave”?

Or just ignore the “errors” all together?

There are NO issues with the sites - they resolve and function normally.

Thanks guys :smiley:

Sid

1 Like

That. :slight_smile:

You are not using Plesk and you couldn’t unless you disable Cloudflare and move away from it.

I appreciate your help, but we actually DO have DNS on Plesk active - the DNSSEC extension did that automatically - and DO use Cloudflare as primary DNS for ALL our domains. The DNS settings on Plesk server are same as those in our Cloudflare DNS panel. In fact the Cloudflare old servershield pretty much ran that way.

I not making this up or inventing a scenario here. In fact I doubt we are the only Plesk users that do this.

The sites work fine, https, etc. all good. But we do get these weird Plesk error notices about the DNS that are not accurate to the reality. :slight_smile:

Sid

Ok, so two options.

Either they are just the same by “chance” so unless you have non-Cloudflare NS with your domain, which is especially impossible with Cloudflare Registrar, or they are totally useless. Each query will go to a cloudflare alone.

Or they are getting synced up to Cloudflare, but then it’s still Cloudflare replying. Do changes in Plesk get reflected to Cloudflare (and/or viceversa)?

You can’t have two authoritative DNS servers, so where do your domain nameservers point? If they point to *.cloudflare.com, then your Plesk DNS is just parroting (mind the pun) and you’re better off just disabling the Plesk DNS.

I am pretty sure that was exactly what the old servershield (we don’t have that now) did - sync them.
I have not actually tried testing, by making changes, to see if the Plesk DNS settings on our server stay “sync’d”
and only assume the DNSSEC extension set it initially.

Obviously, the Plesk panel for changing the DNS zone settings at Plesk does not “know” about Cloudflare
DNS and “assumes” we use normal DNS servers at a registrar, so the “error” messages tell us to change
them to make Plesk the primary or ‘master’ DNS server. Obviously, we don’t want to do that.

I honestly don’t know if Cloudflare needs DNS information to be there or not

needs Plesk setup as a 'slave" DNS
or if Plesk DNS is totally irrelevant and can just be disabled

It is a Production server in active use, so don’t want to do experiments if I can find guidance to help! :slight_smile:

I am 99% confident it’s not needed. Just to test, just add a TXT record, at some host with some random test and see if it propagates. if not remove it and you are done with the issue.

Thanks for reply. :slight_smile:

Yes, the domains are registered with Cloudflare as the registrar and CloudFlare name servers are the primary for the domain.

Like DNS servers around the net, Plesk is receiving it’s DNS info (I’m sure) about the domains from the Cloudflare NS servers because they ARE the primary - it’s just that Plesk keeps telling us to change that and make IT the primary. Don’t want to do that - negates the whole reason for using Cloudflare. :slight_smile:

I suspect, but don’t know if we used the Plesk master/slave option and set Plesk DNS to “slave” it would work just fine and get info from Cloudflare - which is what it appears to be doing anyway.

I am NOT as sure that disabling it completely will not cause issues with Plesk - the Plesk installation seems to be setup with the assumption that Plesk will handle/be primary DNS on a dedicated server. Some of the Plesk extensions DO make that assumption. True enough in the ‘old days’ but now it MUCH preferable to route traffic through CDN like Cloudflare or Securi

My search was for experienced information because making changes on a Production server willy nilly is never a good plan!

I do appreciate the feedback we are getting :slight_smile:
(made a post on Plesk forum but took it down - all I got was a lot of negativity about cloudflare i.e. “get rid of cloudflare use…” which was not helpful)

Sid

I have personally never used Plesk, but that seems not actually useful.

But the slave, apart from being a sort of backup (which is still useless as it could miss many records, unless it’s actually doing something with the Cloudflare API, which I highly doubt) must be configured more than just existing, Cloudflare doesn’t support it on lower plans and it’s a very niche configuration.

That is probably the biggest issue, but I can’t help you there, never having used Plesk.

1 Like

Plesk has more/better security & control features than we have had on our cPanel boxes. I strongly suspect that is part of the reason they by default assume they are/will be the primary DNS. It gives them(their software) more control

As to slave option, Plesk does/configure ADD records (on it’s side) not set on the Cloudflare DNS - on both the domains on free Cloudflare plans AND the 2 on Cloudflare plans.

No one on forum here seems to have any actual detailed experience with the Plesk DNS/Cloudflare NS combination, so I will have to ask Cloudflare support directly. Not going to make changes or do a lot of “experimenting” on a production server if it can be avoided. :slight_smile:

Thanks for your help!

Sid

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.