CNAME setup process ignored!



I am currently setting up CNAME and railgun with your engineer BANG. D

And both process have not completed and my whole site is down! And seems he has gone offline and let another engineer to follow my case, he called Sam H. And he seems not quite understanding what’s going on. Could please anyone of your Cloudflare team to help me to complete my CNAME setup so that my site can continue running!

Also please help to guide me the installation of Railgun! Now my ticket is just being ignored.


still no one answer and solve my question


This is a customer forum…and when you posted your message, it was in the middle of the night for many of us.

Post your ticket # and one of the mods will probably push it along when they get in this morning.



I’ve reviewed the ticket and it appears the team has been providing quite a bit of assistance and helping to troubleshoot issues which are well beyond the scope of Cloudflare’s settings. I appreciate that you are having difficulty but the issues appear to be primarily related to your server/ service migration and not Cloudflare specifically.

At the moment your DNS nameserver is not returning a response for www.your.domain. If your nameserver isn’t returning a response, then clients can’t be directed to Cloudflare. Since you are in a CNAME setup that means you’ve chosen to manage your own authoritative nameserver instead of using Cloudflare for DNS.

Other than it used to be that way before, is there any reason that you NEED to be in a CNAME setup and simply don’t use Cloudflare for authoritative DNS? It’s generally much easier to manage a full setup using Cloudflare.

At the moment with the current config there’s not really anything Cloudflare can do. You need to modify your current DNS provider’s settings for www so that it returns the correct value (e.g.


I have been following your staffs to change my DNS record and the issue on my side has been solved, CNAME has been added and pointed to your

My sites are still down.

Please advise.


I’m sorry but the issues on your side still persist. You can see for yourself by running dig CNAME or doing a DNS lookup using MX toolbox or the DNS lookup service of your choice. Your DNS server is not returning a result for the record you are trying to proxy through Cloudflare.


; <<>> DiG 9.11.1 <<>> CNAME
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512

;; AUTHORITY SECTION: 1799 IN SOA 2018013142 3600 7200 1209600 86400

;; Query time: 117 msec
;; WHEN: Fri Feb 02 11:53:16 CST 2018
;; MSG SIZE rcvd: 120


Is there a reason you need a CNAME setup? Why not just switch your nameservers to Cloudflare and manage them from there?


Thanks for your follow up. I am talking to my host now.

i asked your staff before on why we should choose CNAME instead of nameserver, his answer was speed, performance and security. That’s why i have chosen using CNAME. And everything works fine when i was using shared hosting at Godaddy. And because of the use of Railgun (as it needs to have root access to install railgun listener), and in view of my company’s future planning, i have upgraded to VPS, that’s why i need set it all up again.


My host just told me that it is the TXT and CNAME of the SSL stuffs which caused the problem.

If you take this values off from my site should load properly without any issues.

Please advise how should i amend this and get it fixed.


I guess you can remove the entries from your DNS management interface with your host, though those are valid DNS entries. But that’s a problem with their DNS management interface and if they can’t handle those it may cause you further issues in the future.


so what you are telling me to do is to delete the TXT record for verification purpose as well as all the CNAME for SSL issuance and leaving the CNAME for pointing to in my DNS?

If deleting TXT and SSL CNAME, would there be any negative effect?


When it comes time to renew your SSL certificates they will fail and/or you will get a new set of CNAME records to enter with an _ in them which will again break your DNS unless your provider gets around to accepting RFC compliant entries for their DNS.

We do also check the verify record, there is nothing wrong with it and no reason to delete it. Your hosting provider is high. It returns just fine at the moment unlike the other verify records…


so if i just delete the three CNAME for SSL in my DNS management interface, will my SSL from cloudflare be destroyed?


We won’t be able to automatically renew them, but it shouldn’t impact you currently no.


okay. I can’t believe CNAME setup is that difficult. And there is some configuration conflicts between Cloudflare and Godaddy. In view of this unsolvable issues, i might need to use name-server instead.

May i know exactly which type of performance will be degraded in comparing with a CNAME setup?


I can’t think of anything that would be degraded in a CNAME setup. Assuming you import all of your DNS settings from your current setup into Cloudflare performance will be better in every way.

By far our preference for customers is that they use a full setup vs. a CNAME setup. The only times we recommend a customer use a CNAME setup are:
a. When using a partner who autoenables it when they use Cloudflare w/ 1 click enablement (and only then when they are not tech savvy enough to change their nameservers with their registrar).
b. When they have made significant investment in automation of their DNS management and making a change to Cloudflare for DNS is not possible because they can’t afford to retool (at least in the short term).
c. When they are putting a small portion of a larger org on Cloudflare and it is difficult politically to justify moving all of the customer’s DNS for a marketing site (for example).

Beyond that, I always recommend Cloudflare in a full setup. It makes SSL renewals seamless, provides the fastest DNS service of any major DNS provider and protects DNS against DDoS attacks.

Setting up ssl cert for sub-domain

The reason that i have chosen to perform a CNAME setup was because of one of your staff telling me that my site will be faster, more secure. So i go ahead to a CNAME setup. But now you have another reason for me to choose back to name-server setup, errr…it looks to me that i have no option but to accept to use name-server setup instead.

So i can only conclude that, cloudflare’s CNAME setup is somehow not compatible with the VPS plan’s whm DNS setting, so for those who are on Godaddy’s VPS plan including myself, maybe stick to name-server setup instead of a CNAME.

Thanks for your effort cscharff.