Cloudflare for non-apex domains (only)

Hello!

Due to specifics of our SaaS, we ask our customers (websites, for instance, example.com) to create the following DNS CNAME records:

url-key.example.com CNAME 300 url-key.saas.com

Where saas.com is our domain. Then, our SaaS acts as a proxy to deliver content on url-key.example.com, and we have a full control over what is served on url-key.example.com.

Now, there’s a need to anonymise our server’s IP address to make reverse DNS or any DNS crawler job impossible, i.e. exclude the possibility to find out that url-key.example.com is served by saas.com, while it’s fine to tell that it’s served by Cloudflare.

Cloudflare does this awesome job if you enable “proxy” (orange cloud) option in the DNS config of example.com, but this requires example.com to be registered within Cloudflare.

I am here to find out specifically whether customers like example.com who are not using Cloudflare as their provider can still utilize Cloudflare’s edge network proxy just on their subdomains.

This may sound like a Partial (CNAME) setup [1], but it seems to require people to manually add their domain to Cloudflare, verify it and moreover purchase a business plan [2].

Is there any way to configure this on behalf of the customer? I.e. ask customers to add a SINGLE CNAME DNS record pointing to Cloudflare. The goal is to remove the management hassle from the customer and support customers who are not on Cloudflare.

Thank you in advance for your response.

[1] https://developers.cloudflare.com/dns/zone-setups/partial-setup/
[2] https://developers.cloudflare.com/dns/zone-setups/partial-setup/setup/#verify-ownership-for-your-domain

You’ll want to have a a look at this:

4 Likes

Straight to the point and looks exactly as what I need. Thank you, I’ll give it a try.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.