How do I safely disconnect my account from Cloudflare?


#1

I need to disconnect my domain from Cloudflare. Do I need to redirect a name, MX records, CName or any of the DNS records before I delete my account?

Is there anything else I should do? Thanks for your feedback.


#2

Permanently:

Yes. You’ll need to setup all DNS records on the nameservers that will handle your domain in the future before you change your nameservers for your domain.

Or simply set all records to :grey:

Temporarily:
Pause CloudFlare in your dashboard


#3

Thank you Mark. So does the grey cloud action set everything back to defaults? So I point everything back to my host? Thanks for your reply!


#4

Correct. You can use the Cloudflare dashboard for DNS management only. All clients will directly connect to the origin.

Do you have any issues when CF is active?


#5

No just user error :slight_smile: Although it is making it difficult for me to set up admin email for my SSL certificate. I am having issue’s pointing the MX record back to my host.


#6

Also, my host says that my a name is not pointing to the correct IP but the correct IP is listed in the A name section.They are saying that the A name needs to be this or your SSL Certificate will not work properly. When I check the A name it says it is the exact Ip number they say it should be but it shows up differently on DNS records


#7

Mail servers must not have Cloudflare activated. By default CF wouldn’t proxy non-http traffic. If thats the point.

This is intended when your A record is set to :orange: Cloudflare will hide the servers IP address and show their addresses.

Basically: yes. The “A” name must be included in the cert. Cloudflare’s free certs cover the 2nd level (example.com) and all sub domains on the third level (www.example.com, shop.example.com and so on)
You can use cloudflare even with an invalid certificate on the origin server (self signed, expired…) by setting the SSL option to “Full”.

image

The certificate on the origin has expired months ago.

What’s your host?


#8

My host is BlueHost.


#9

So Mark. Are you saying that I can have a free SSL cert. via cloud flare by changing the setting to full? Would I have to set up an admin email like my host is requesting? This stuff is too tecky for me! Thanks for being so kind to offer your help!!!


#10

Exactly!

You do not need an admin e-mail if that is the e-mail they use to fill the certificate.

You can simply set the SSL setting to full and it should already work if you have your DNS record set to :orange:, otherwise change it and wait, usually (it could be up to 48 hours, but it’s extremely rare), a few minutes for the settings to propagate.

In case the host doesn’t have an SSL certificate, even expired, on the origin you can set the SSL setting to Flexible. This will still give your users the :lock:, but won’t encrypt the traffic from the Cloudflare edge node to your origin. This still requires the :orange: record.


#11

Bluehost has initiated the SSL certificate already but I needed to change MX records to point back to them to set up admin email. Do I need to change MX back?

Anyway, it sounds like I can just change the SSL setting here and I’ll be good. Thanks so much for the help everyone!


#12

Well if you can cancel the order with BlueHost. Well you should point your MX records to your primary e-mail provider (where you receive your email), without that you won’t receive anything. If you do not have one, then leave them at BlueHost.


#13

So I should cancel the SSL thru Bluehost? I realized that I did switch the SSL to full here on CL two days ago and it says active cert. but my site still has unsecure message.


#14

What is your domain? I can take a look!


#15

heytheredelyla.com Thank you!


#16

All right, two things to do:

  1. change you Crypto settings to Flexible, BlueHost rejects connections on the HTTPS port and shows another page instead of yours.
  2. set the Always on HTTPS toggle to one and the HTTPS Everywhere (this is optional, it could solve Mixed content issues, you can try first without it) as well.

#17

Ok thanks! I will do that. Do I need to cancel SSL with BH? Sorry for all of the Q’s!


#18

Yeah I would cancel that, I would wait a couple of minutes to check that your changes work (there is no reason they wouldn’t, but better safe than sorry).


#19

I changed HTTPS toggle to On but don’t see HTTPS Everywhere?


#20

Sorry, my bad! It’s named “Automatic HTTPS Rewrite”. I don’t see the changes applied though… Have you changed the SSL setting?