Does anyone ever receive actual support from Cloudflare?? We have had a situation for well over a week, and its still not resolved. We had a site where an agency setup the Cloudflare account and made Cloudflare the DNS provider for the domain. That agency and the person that set it up are no where to be found. Even though we have credentials to the Cloudflare account, we can’t get past the MFA because it is sending the token/code to the non-existent agency. Without being able to login, we couldn’t create a support ticket, and trying to call is a joke. We finally setup a different account just so we could create a support ticket, and that ticket finally got a BS auto-response after a day. We responded back with details, and 2 days later we finally got a response and were told to add some specific files to the site to prove site/domain ownership. We were told that they would disable MFA for 24 hours. Unfortunately, they didn’t read the original ticket and disabled MFA on the new account we had to setup just to create a ticket, not on the account we need access to. We informed them of that 2 days ago. Since then… crickets. Just FYI… this is NOT a free account. It is a Pro account, yet still we have no support number to call, and support tickets that sit for days. Is this the modus operandi for Cloudflare? Anyone have any suggestions?
If you cannot access the email address tied to that account, I doubt you will be able to recover access, as you will struggle to prove ownership of the account.
Support will expect the request to be sent from the email address on the account that you want to recover access to, so if you can’t do that, I think you will have issues.
Phone support is only offered to Enterprise customers, but I have generally found the support offered on lower plans to be OK and often very good. You can post the ticket number here so one of the mods can check the status of it, but as I said, I expect you will struggle to gain access to that account, and may be better setting the domain up from scratch on your own account.
Proving ownership was supposed to be achieved by placing the files they told us to place in the correct locations on the site, which we have done. The real issue seems to be the speed at which support corresponds. It shouldn’t take days between updates. That is inexcusable. The ticket number is 2094672 if anyone from CF wants to take a look.
By the way, the new account we setup was an actual email address for the domain on the account, rather than a gmail account, like was originally setup. You would think that would have helped.
share the ticket (got it, thank you) number or name of the domain in question, @brian_bewley? I see a ticket with replies/comments from 3 different emails, all different than the one associated with your account here. I do see that 2fa is disabled for the domain mentioned on that ticket, but suspect given what you said, that there is another account/domain I should be looking for.
I am just being curious …
That to me as a customer does not really look like a Cloudflare problem. Rather being the company’s who arranged the agency which obviously had have an unreliable or uneducated employee regarding the security (CISO)?
I am afraid Cloudflare cannot just give you or anyone else the access for some domain/website without any proof of evidence due to the TOS you and all of us have accepted (but obviously haven’t read with understanding of the service as well?)
If you/they have an access to the domain at domain registar, create a new Cloudflare account and point to new Cloudflare nameservers during the process of adding a Website to Cloudflare and have it done - if you/they know how to with which Page/Firewall Rules, DNS and Security settings - if not, then that is a problem because noone did not made any plan for a backup just in case …
How about creating a new account and writing a ticket?
Why did not the agency or company, or employee of it, added a sub-account to itself as a “backup solution” for the described example? (just to think of)
As far as I have contacted the CF support, I always got the answer on a support even as a Free plan customer/user. True, maybe I waited for a day-two, or more depending on the complex of the issue and the time of the ticket creation (which includes support priority described for each CF plan).
2FA may be disabled, but then because we are logging in from an unknown IP, it again sends verification to the gmail account that we don’t have access to.
Agreed, I was just reviewing the thread and ticket details and came to the same conclusion. We ask for files to be added in order to disable 2FA, I don’t think we would/should have asked for that action for lost access to the account. In this instance, I do think the most expedient route to resolution is moving the domain, either to a different cloudflare account or away entirely to avoid a similar issue in the future.
Good question. We are taking over hosting for this client and it’s their site. I don’t think they had anyone technical enough to understand what the agency was doing. That said, this should not be this hard. It shouldn’t take an act of God to regain access to ANY account, especially one you are paying for every month. We will just change the DNS away from Cloudflare, and tell the client (and all of our other clients) to cancel all of their Cloudflare accounts. This is pathetic.
I wouldn’t really say so. If it is not your account, there is no way for you to get access to it, unless the account owner gives it to you. I am not sure how you want Cloudflare to give you access to an account that isn’t yours.
Moreover, have you provided any transaction record (as a evidence) to Cloudflare support and asked them to change the e-mail address of the CF account due your situation? (I do not guarantee the success of that way neither)
If I am allowed to write, from my experience I have had an issue with one domain reseller in Croatia which is certificied and granted company (the reseller of ccTLD for .hr) who transfered one domain which was on my account purchased and paid for years (national .hr ccTLD domain) to another one without any prior notice and/or information just because some member of the company who wanted that domain said “that’s our domain” without providing any proof evidence.
The reseller company, neither they have had a right due to the domain registration policy provided by authorities of national ccTLD registry (CARNet), the reseller company just decided moved the domain out of my account overnight.
Got no response from them, only the CEO (20 years of experience in this field) on the support ticket of that reseller company said he even did not know that domain was already registered and already on my account - well, really? Or he is just stu*id or does not know what his job really is (including 8 employees) - that’s weird
The ccTLD registry at Croatia (CARNet) urged them and they almost got under a court because of the strict regulations and that move.
Also, I have not got the domain back.
Regarding the Cloudflare, I 100% understand their point of view and way of acting as is.
Cloudflare should not follow the example from above, otherwise they would lost a lot of clients.
Regarding my example, after that move, I have moved all my domains and services away from that reseller company due to not being reliable anymore as a provider.
This should never work if it’s not someone’s account to begin with.
What do you mean it isn’t mine? The credentials were provided to us by the client who owns the account and domain. The client is looking to us as their consultants to help them regain access to the Cloudflare account for their domain. The site/domain doesn’t belong to the previous hosting provider, it belongs to OUR client. They are billed for it every month on THEIR credit card. So who owns the account?
Sure, I understand that the domain may be theirs, but if the account is not on an email address that they own, and it’s registered in the name of an agency, as I understand it is from what you said earlier, then as far as Cloudflare is concerned you don’t own the account.
If, in fact, the client does own the account, then they would presumably be able to access it and then grant your Cloudflare account access to manage it.
Perhaps I misunderstood you, if their card details are on that account then maybe they do own it, but then I’m a little confused as to why they can’t get into it or whose the email address on the account is.
We may be missing a piece of the puzzle. Who’s gmail address is on the account?
OK, here is the deal. Our client owns the domain, the account is in their name, and has the login credentials to the Cloudflare account. Our client is billed for the account on their credit card. I think that means they own the account. What they don’t have, is access to the generic Gmail account that was setup and used by their former marketing agency, which is now closed. The marketing agency setup generic emails like [email protected]. Due to MFA and IP verification, even though we have the account’s Cloudflare credentials, we can’t login because we can’t access the Gmail account. We could prove ownership in any way Cloudflare desires. I could change technical contacts with the registrar… I can add files to the website linked to the account. The client could have Cloudflare call the number on the website, or could fax them something on company letterhead from the published fax number. We could provide incorporation papers. The point is, we can’t get any timely response from Cloudflare! This has now been 8 days and we have received a total of 3 messages from support, and nothing since early yesterday morning. That is what I referred to as pathetic.
It’s a generic Gmail account setup by a former marketing agency, now defunct and unreachable.
Ok, that’s unfortunate. That other agency certainly made several mistakes. Hopefully when you move this client to their new setup, you’ll use your client’s email address so this doesn’t happen to them again.
Absolutely we will. We already setup a new email on their own domain for this purpose and shared it with them. Unfortunately, we can’t get Cloudflare to change the email, or even respond.
As I said, that other agency really screwed up. They set up an account with their own credentials, and that’s why Cloudflare won’t release the account to you. And they put 2FA on there? That makes giving their client the username and password pointless.