Correct DNS and NS Settings Between DigitalOcean and Cloudflare as Registrar


#1

Hi everyone,

I badly need help in setting up my DNS and NS. I recently transferred my domain to Cloudflare and I don’t know what the settings should be between Cloudflare and DigitalOcean. I was able to make this work before with Namecheap as my registrar since there are a lot of tutorials available, but I can’t find one when you have Cloudflare as the registrar. And why do I suddenly have a lot of IP addresses in Cloudflare?

I have attached below my current settings for both of them. Greatly appreciate any help. :slight_smile:

Best regards

Cloudflare Set-up: [screenshot]

DigitalOcean Set-up: [screenshot]

(ss in 1 thread: https://imgur.com/a/WY2PAL6)


#2

You can ignore Digital Ocean’s name servers.

Is this just one regular droplet? It should just be the one IP address listed at DO for that droplet. I’m betting it’s the .95 and you can delete the rest. Do you really need those wildcard subdomains in DNS?


#3

Hi sdayman, thanks for helping out.

I really don’t know what I am doing now. I’m ready to take any recommendations. Yes, this is just one regular droplet. You are right, the IP is 206.189.42.95. I think those wildcards were added after I transferred my domain to Cloudflare.

So, is it okay to remove all those other entries that are not the IP address of my droplet? Is this all that I need now?

Are there any settings I need to change in DO?

Thanks.


#4

Get rid of that wildcard also…unless you’re going to be adding a bunch of random subdomains that you don’t want protected by Cloudflare. The two entries with the :orange: look good.

You don’t need to do anything at DO…but you might want to set up a firewall to only permit Port 80 and 443 access from Cloudflare. I’ve done this to stop attackers from bypassing Cloudflare. And I open up Port 22 in that firewall for my home IP address so I can SSH in. Everything else should be blocked…unless you have some special use cases.
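
The firewall suggested in the post above, as an added example that is not part of the original thread: a POSIX shell generator that prints rules allowing ports 80 and 443 only from a list of proxy ranges and port 22 only from one admin address. It assumes the droplet uses `ufw` (the thread names no firewall tool); the ranges and the admin IP are constructed documentation values, and `is_cidr` and `gen_rules` are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the thread. Prints ufw commands for review; runs none.
# Assumption: the droplet's host firewall is ufw (the thread names no tool).

# Constructed sample list using documentation ranges. A real deployment would
# use the ranges Cloudflare publishes (https://www.cloudflare.com/ips/).
SAMPLE_RANGES='192.0.2.0/24
198.51.100.0/24   # trailing comments are stripped
2001:db8::/32

not-a-cidr'

# is_cidr VALUE -> 0 when VALUE is address/prefix-length and nothing else.
# Rejecting other characters keeps a corrupted list from adding rule arguments.
is_cidr() {
  case "$1" in
    *[!0-9a-fA-F.:/]* | */*/* | /* | */ | */*[!0-9]* ) return 1 ;;
    */*) return 0 ;;
    *) return 1 ;;
  esac
}

# gen_rules ADMIN_IP < ranges -> ufw commands on stdout, rejects on stderr
gen_rules() {
  admin_ip="$1"
  # SSH rule first so the admin session is covered before the default changes.
  echo "ufw allow proto tcp from ${admin_ip} to any port 22"
  while IFS= read -r line; do
    cidr=$(printf '%s' "${line%%#*}" | tr -d '[:space:]')
    [ -z "$cidr" ] && continue
    if is_cidr "$cidr"; then
      echo "ufw allow proto tcp from ${cidr} to any port 80,443"
    else
      echo "skipping invalid entry: ${cidr}" >&2
    fi
  done
  echo "ufw default deny incoming"
  echo "ufw default allow outgoing"
}

# 203.0.113.10 stands in for the admin's home IP (constructed).
printf '%s\n' "$SAMPLE_RANGES" | gen_rules 203.0.113.10
```

The published ranges change over time, so the rules need regenerating when the list does; a stale allowlist shows up as proxied requests timing out at the origin.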


#5

Wow! Thank you so much for the fast response and the additional tip. I will follow your recommendation to only permit Port 80 and 443 from Cloudflare. This is a good security measure.

I’ll just wait now for the new DNS records to kick in. How long do you think it would usually take for them to kick in?


#6

DNS takes about 5 minutes once your site has been successfully added to Cloudflare.

What’s your site supposed to look like? Right now, it’s just a bit of text.


#7

I was able to successfully install the WordPress Script Installer via RunCloud a few hours ago. DO and RunCloud seem to be working okay (I’m assuming).

Here’s a screenshot of the RunCloud summary: [screenshot]

I checked https://whois.icann.org/en/lookup?name=brightframework.com and found this: [screenshot]

which means (found here: https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en#clienttransferprohibited): [screenshot]

This seems to be causing my site to not appear as it should be. What are your thoughts?


#8

That’s funny. I’m working on Runcloud tonight.

That’s a normal status. It means your domain registration is locked, preventing someone from taking that domain registration away from you. It has nothing to do with DNS or your site not loading.


#9

Oh okay. I thought it was something weird as it’s the first time I saw that kind of status. Welp, I’m wondering what could be causing this to happen. Do you have any recommendations on where I should look first and try tweaking it?


#10

Set those DNS entries to :grey: and see if the site still loads. If you set up the Digital Ocean firewall to block all non-Cloudflare connections, turn that firewall off so you can connect direct.


#11

Hi @sdayman, my site finally loaded thanks to your help. I followed your recommendation and managed firewalls. I previously added a firewall rule for Runcloud and I think that was the culprit of the issue.

But it’s working okay now. Again, thank you so much for your help. If there is something you suggest I read about this type of setup, I’d be glad to do it. :slight_smile: