DNS_PROBE_FINISHED_NXDOMAIN without any changes to website or DNS

The website genesiskirjat dot fi can not be reached with the browser giving DNS_PROBE_FINISHED_NXDOMAIN error. Everything has been working for a few months without changes to DNS and suddenly it stopped working.

Nameservers are pointed to Cloudflare and tested to work.
The IP of the webserver is confirmed by the website provider to be right.
All the records (cname and a) are confirmed by the website / hosting provider to be right.
I have tested disabling and enabling Cloudflare proxy.
All steps checked the steps on the DNS_PROBE_FINISHED_NXDOMAIN topic post.
Email delivery works with google workspace.
I tested disabling DNSSEC but no change to this behavior.
The ping to the website says “Unknown host”

Any help is appreciated!

Should I just pressure the website provider because DNS seems to work to my knowledge but the website provider says that the problem is with DNS?

The site has been down for couple of days but right now it started working again… First with a vpn to the neatherlands and then here in Finland. I do not know what could have been the problem?

DNS resolution generally works fine, however you must have recently changed your DNSSEC setup and that is still cached with resolvers. You will need to wait until that expires.

There is however an issue your host has to fix and that’s the expired certificate on your server. You have no valid certificate and an insecure legacy encryption mode on Cloudflare.

In short, your site is insecure.

I do not have control over the site or its hosting so I can’t fix that. That website is from a marketing agency where we recently moved the domain and DNS to our own control to get google workspace. Do you think that the days of the outage were because of Cloudflare DNS or the web hosting service/origin server? I am going to get rid of that website hosting asap as the billing period ends.

Yeah, I would highly recommend to change hosting for mentioned reason. It’s the basic job of any host to provide a secure server and right now your site is essentially without encryption I am afraid.

As for DNSSEC, that is not Cloudflare related but there must have been changes on your registrar’s side.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.