CNAME setup misunderstanding

Hello there,

I have a question that I couldn’t answer searching through the community threads and official documentation (I also have an open support ticket) about CF’s CNAME setup, and understanding this will help me decide transitioning to the Pro/Business plan or not.

Suppose I have a web app that lives in app.horacio.com, and that I have Cloudflare enabled on that domain, proxying all incoming traffic, protecting me against DDoS and so forth.

Now suppose I own (or manage) another subdomains: horacio.partner1.com and horacio.partner2.com, serving the contents of app.horacio.com using a typical CNAME record setup. Given that I’m scared the DDoS could come to any of those too, I want to protect both of them with Cloudflare, maintaining authoritative DNS.

Is this situation the use case of the CNAME setup? If not, is there a way I can protect specific subdomains serving my site while keeping authoritative DNS?

If you have read this far, thanks a lot. Any pointers will help me.

From? You mean “to”, right?

So what you essentially would like to do is protect these two hostnames even though you do not control these domains?

AFAIK a CNAME setup on a Business plan would still require control over the originating domain and you’d need to add it to Cloudflare, though you wouldn’t need to change the nameservers. As you don’t control these domains you most likely won’t be able to do that and that would presumably require a custom solution which Cloudflare might provide under an Enterprise agreement. But you’d still need to convince these service providers to point to Cloudflare of course. Is that an option? Typically you’d only point your own domain to these hosts and that would not require any CNAME setup.

It probably would be best to contact them at https://www.cloudflare.com/plans/enterprise/contact/ and discuss your requirements - @HenryM

However, considering these hostnames are managed by these two other providers it should really be them who take care of that, so IMHO that’s something you really wouldn’t need to look into.

Hey sandro, thanks for your reply.

Yes, sorry about that. I meant “to”.

And no, I do control those domains. I just don’t want to change the name servers, as you said.

If you control these domains you could add them via a CNAME setup but you’d still need at least a Business plan for both domains. I’d still place them rather behind a regular host on the other domain with a standard CNAME record.

2 Likes

Gotcha. Thanks for your responses. I just wanted to make sure that what I was proposing made sense and was doable using CNAME setup.

Doable certainly and https://support.cloudflare.com/hc/en-us/articles/360020348832-Understanding-a-CNAME-Setup would have all the information but I am not sure it is worth $400 a month if you could achieve the same thing by keeping these hosts a bit more of a “secret” and placing them behind a CNAME of your regular domain.

Hey, sandro. I kept thinking about what you suggested. Could you please elaborate a little bit more on that approach? Thanks for all your help.

For starters you don’t really need the other hostnames in the first place (particularly if you control that domain) as you could use the IP addresses directly but even if you want to use these hostnames for your other domain, you’d simply create a CNAME record for app.horacio.com and point it to horacio.partner1.com.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.