Custom hostname giving http 404

I have a custom domain say (ADomain) on namecheap whose traffic I want to redirect my cloudflare server say (BDomain)
The steps I performed are:

  1. added cname for (ADomain) with target app.customer (in namecheap)
  2. then added cname “proxy-fallback” and target “BDomain” (in cloudflare)
  3. Then added cname “*cname”" and target “proxy-fallback.BDomain” (proxied) (in cloudflare)
  4. Then added fallback origin in custom hostname that was created above (in cloudflare)
  5. Then added custom hostname “ADomain” (in cloudflare) with http validation TSL 1.0 default
    It shows active status and ssl but when I type ADomain it says

This (ADomain) page can’t be found

No webpage was found for the web address: (ADomain)

HTTP ERROR 404

I am writing ADomain, BDomain as I have limited permission being new user
Any help on this would be :pray:

Can you maybe share the domain you are having problems with, as well as screenshots of your configuration in Cloudflare?

It’s hard to follow your description above.

My cloudflare DNS record and custom hostname:

I have followed these steps https://www.youtube.com/watch?v=DxXJCEvnv1E
My usecase is similar.
Don’t know what I am missing :frowning: :disappointed:

vogueemporiumpk.com. 1799 IN CNAME rio.stream.

An apex domain can’t be a CNAME record. It’s an error that Namecheap allows you to do this, but not why you see the 404.

I’d assume the 404 is due to your server configuration. Did you add vogueemporiumpk.com to your server configuration?

No I didn’t add it on server. Just on namecheap this cname you mentioned and as a custom hostname on cloudflare.
How would I fulfill my scenario?
Want to render rio.steam from vogueemporiumpk.com
something like:
vogueemporiumpk.com => proxy-fallback.rio.stream => rio.stream

Well, you need to add vogueemporiumpk.com, or how else would your server know what website to serve for that name?

Also, that we can see a 404 probably means that you are using the Flexible SSL mode in Cloudflare. We should really see a certificate error when you have not configured the domain on your server.

Flexible is not secure, as it only uses HTTP to connect to your server. I recommend that you use Full (strict) SSL setting in Cloudflare.

I was expecting to not configure anything on server explicitly.
vogueemporiumpk.com should render content of rio.stream by cloudflare
vogueemporiumpk.com => proxy-fallback.rio.stream (configured at cloudflare) => this should render rio.stream

and my mode if Full. If I switch to Full strict mode it throws Invalid SSL certificate Error code 526

On Enterprise plans, Cloudflare gives you the option to change the Host header and SNI via Origin Rules.

If you don’t have that, the request sent to your server will still be for vogueemporiumpk.com, so you need to configure that name and an SSL certificate with that name on your origin server.

You should be able to generate a Cloudflare Origin certificate for the name, now that it is verified as a custom domain.

Hi there,

As @Laudian stated, this will not be possible due to the fact that you are unable to create CNAMEs at the apex.
Even if your registrar shows you as correct, you can check it’s not propagating:

dig CNAME vogueemporiumpk.com

; <<>> DiG 9.10.6 <<>> CNAME vogueemporiumpk.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48970
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;vogueemporiumpk.com. IN CNAME

;; AUTHORITY SECTION:
vogueemporiumpk.com. 3601 IN SOA dns1.registrar-servers.com. hostmaster.registrar-servers.com. 1711540744 43200 3600 604800 3601

;; Query time: 65 msec
;; SERVER: 127.0.2.2#53(127.0.2.2)
;; WHEN: Wed Mar 27 13:51:38 WET 2024
;; MSG SIZE rcvd: 121

I would suggest that instead of trying to add your apex as a custom hostname, you could either:

a) add it to Cloudflare even as a free zone and then you’d be able to CNAME at the apex and add it as a custom hostname at the other zone.
or
b) CNAME WWW (or any other subdomain) instead of the apex and do a redirect to www at your registrar (if possible).

Take care.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.