This tutorial is deprecated as Cloudflare have deployed a fix to this
Archive
Cloudflare have deployed a fix to this and domains should not end up stuck due to Cloudflare for SaaS, if you have a similar issue then it is likely to be something else.
Thanks to @albert and @matteo for freeing so many domains with Liberate the Hostname before Cloudflare fixed this product.
Background
Cloudflare for SaaS is a product aimed at providers of web applications to allow the provider to use Cloudflare’s features on their customers’ custom domains. This means the provider can manage the SSL/TLS certificates, custom hostname and security and performance settings with Cloudflare. If your provider uses Cloudflare for SaaS, you will be unable to control settings like Firewall, Page Rules and SSL/TLS for the hostnames they control.
What happens when you move provider?
When you leave a provider, they should offboard your hostname from their systems which should include their Cloudflare configuration. This means they should remove your domain from their list of Custom Hostnames in Cloudflare. If they fail to do this, it can result in you seeing your old site hosted with that provider or an error page like Shopify’s “There was a problem loading this website”, Heroku’s “There’s nothing here, yet” or a 404 or similar from other providers like WP Engine or Gitbook. This can happen if you swap to another provider using Cloudflare or if you proxy traffic through Cloudflare directly. Alternatively you may notice that some Cloudflare features such as Page Rules and Firewall Rules are not working for you.
What should I do if a provider does not offboard my domain?
If you are moving from one provider using Cloudflare for SaaS to another:
- Ask your new provider to follow the process to create an HTTP ownership_verification record. This should take priority over the old setup and allow them to gain control of your domain.
If they are unsuccessful:
- Contact your old provider and ask them to remove any Cloudflare configurations for your domain, specifically SSL for SaaS / Custom Hostnames. Direct them to this article if needed and ask frontline support to escalate it to their technical team if required.
If you are unable to get a reply from your old provider:
- Contact your new provider who uses Cloudflare and ask them to open a Cloudflare Support Ticket requesting Cloudflare to manually remove your domain from your prior SaaS platform. As you are not directly a customer of Cloudflare in this situation, you will not be able to contact them yourself and the provider should do it on your behalf.
If you are moving from a SaaS provider to your own Cloudflare configuration:
- Contact your old provider and ask them to remove any Cloudflare configurations for your domain, specifically SSL for SaaS / Custom Hostnames. Direct them to this article if needed and ask frontline support to escalate it to their technical team if required.
If you are unable to get a reply from your old provider:
- Login & go to https://dash.cloudflare.com/?account=support and select “Get More Help”. Select ‘Account’ as the issue type. Use the description “Cannot remove custom hostname” and include details of the issue in your ticket including what you have tried with the previous provider. Support will then verify your ownership of the domain and proceed with manually removing it.
What if I can’t wait for Support?
An unofficial tool has been created by @albert and @matteo that is able to take control of your hostname from the 3rd party provider and then release it to allow you to use Cloudflare yourself or your chosen new provider. If you would like to try this, you can follow the instructions here:
https://liberate-the-hostname.pages.dev/
If you have any issues or questions about this tool please open a topic here.
Frequently Asked Questions
Why does my old provider still have control when my DNS records point elsewhere?
This is due to Hostname Priority, when multiple Cloudflare setups exist for a hostname, only one can take effect. Due to the nature of how Cloudflare for SaaS works, this has to be prioritised over a regular DNS setup.
What is Cloudflare doing to address this issue in the longer term?
Cloudflare is aware of this issue and how frustrating it can be for users. Work is being done to include an indicator in the dashboard to allow users to more easily see if their hostname is controlled by a third party. This will also lead to the ability for users to remove their own domain from other configurations that may be affecting it.
Tutorial Reference: CT-51
Reviewed: 06/22
This is a Community Tutorial. Most are wiki posts, so can be contributed to by Regulars and MVPs here. If there is a tutorial you would like to see, you can request one here.
If you would like to provide any feedback on this tutorial, please post in the #Meta category, tag your post #TutorialFeedback and let us know the Tutorial Reference above.
Other great resources on this community include the Community Tips . These address best practices when configuring Cloudflare, how to fix issues you may see, and tools to troubleshoot. Also you can view Expert Tips, great posts on the community from people in the know that may help you with your issue.
We encourage users to check out these great resources and the Cloudflare Support Centre before posting.