How to change google suite services address

I am a newbie in this world and I am trying to learn, I have a website with its domain (lets say www.xe.net) and it is working with cloudflare and I have some google suite services working (somebody else did this for me long ago) at the moment, if a logged user goes to mail.xe.net or calendar.xe.net it will go directly to his/her email or to the calendar. My question is: is there any way use another domain (i.e. xe.dev) and make the google services run trough that addres? so for example to check the email the addres to type would be mail.xe.dev but still will use the xe.net domain? does this make any sense?

Thanks in advance

Hi @jfernandez,

I am not sure I understand exactly what you are looking for… Do you just want a redirect from mail.xe.dev to mail.xe.net, or do you want to redirect everything on xe.dev to xe.net? You can do all this with page rules.

These may help:

If this is not what you want, can you please clarify?

My explanation was horrible, thanks for even trying hehe. I am gonna try my best:
What I would like is that if a user type mail.xe.net this will do nothing but then if he types mail.xe.dev(the new domain) it will actually go to mail.xe.net and will access to his email account. Does it make any sense? Basically what I want is to add some more security so if by any chance anyone from outside gets to break the password do not get access to all the other services such as drive and calendar for example. Probably there are better ways to do this, but as I said, I am just a newbie. I am open to any other solutions or documentation to start reading in order to improve this issue.

Thanks a lot for taking the time to answer, it is apprecieated

So assuming I get you this time, you want some way of limiting the services accessed when logged into a GSuite account?

I think that even if you put the mail link on a separate domain, those URLs just redirect you to the relevant Google pages. So if you get into Drive, you can switch to Gmail easily without using the custom link on your domain. I don’t think there is really anything that Cloudflare can help with here. You could use something like Cloudflare Access to limit who can access an area of your site, but I don’t think that would help with GSuite given you can log in through a Google page (not on your domain), usually, as well.

Thanks again for replying.

I do not really want to limit the services access actually, what I have on mind is to disable the routes mail/calendar/drive.xe.net, so in the case somebody figure out a user´s password if he just type in the bar mail.xe.net gets an error page, and instead make them work through mail/calendar/drive.xe.dev . Basically I would like to add some security. Does it make any sense? What would be a better if not too complicated solution?

Thanks a lot!

I am not really sure how that would add security. If they figure out a user’s password, they will be able to access their account (unless MFA is enabled).

If you just want to change the URLs, then you should be able to change this in your Google Admin console and configure the new domain accordingly.

I am new on this world so I would like to learn, I have learnt a lot through the forum and videos but I cannot find but I want to do, so sorry if my question is too obvious but I have not found what I am looking for with the search tool.

Basically I have 2 domains (lets say 123.net and 123.dev) currently we are working with 123.net for email calendar and drive on G-suite, I would like to find a way so instead typing mail.123.net to go to the email users could just type mail.123.dev and redirect them to the mail services which are running on 123.net, is there any way to do this?

Thanks!

Hi again @jfernandez,

You can perform redirects with a page rule.

Hello again, and thanks for replying, I basically just want to redirect email, drive and calendar, so 3 urls, I tried the pager rules and did not work but I just realized the 123.dev was still pending nameserver update, once is done I will try again. But I should not need anything apart from 3 page rules right? I will go through the links you provided me

Thanks again!

Ok so I follow your tutorials and I set it up like this:

but still do not seem to work.If I do the redirecto from f****.dev to f****.net it does redirect to the website, but I am looking to redirect the email. calendar and drive urls from g suite. As far as I have watched on the tutorials, the domain I want to redirect to, does not need to be changed at all right?

Thanks again!

Firstly, you may want to remove the https from the match URL so it redirects on either protocol without having to redirect to HTTPS first and then do the second redirect.

Then, with the DNS records you have not added a record for the subdomains you want to redirect. You need a :orange: record for mail and one for drive etc.

Ok working now!

My idea now is to only let the user access through mail.123.dev and not through mail.123.net (even though the services are all hosted on 123.net) is this possible?

Thanks a lot for the help.

Great.

You are currently redirecting the .dev to .net so if you stop the .net ones working, then using the .dev links will just redirect you to the non-working .net ones.

If you configure the .dev links to redirect directly to GSuite then you could simply remove the .net ones or even block access to them with a Cloudflare Firewall Rule.

Currently there are two redirects:
mail.f*******n.dev --> mail.f**************s.net --> https://mail.google.com/a/f**************s.net

So you could simply edit the page rules you created for the .dev links and forward them straight to https://mail.google.com/a/f**************s.net instead of going through the .net links first.

Then either remove the DNS records for mail, drive etc. on the .net domain, or remove the redirects and create a firewall rule like:

You are a star! Thanks again.

So I changed the redirection on the .dev so it forward it directly to https://mail.google.com/a/f**************s.net and it still works, and I removed the DNS subdomains for mail, calendar and drive on the .net but… they are also still working, I am doing something wrong? or it could take a while to take effect?

The mail one seems to have gone now, but calendar and drive are still there. It can take a short while to take effect, but make sure you have removed the calendar and drive records too.

I have just done on mail to test, so have you checked and mail is not working through mail.f****.net? why is it working for me? cache?

I used the dig command:

dig mail.forgottenempires.net

; <<>> DiG 9.16.1-Ubuntu <<>> mail.forgottenempires.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37428
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mail.forgottenempires.net.	IN	A

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Jul 09 15:42:12 BST 2020
;; MSG SIZE  rcvd: 54

And you can see status: NXDOMAIN which means that the DNS records weren’t found.

Probably, yes.


Also, you probably realised this, but when you are forwarding the .dev domain, obviously this is the link for mail, but you need to use https://drive.google.com/a/f**************s.net and https://calendar.google.com/a/f**************s.net respectively for the drive and calendar redirects.

so I am trying on another browser and none of them seem to be working at the moment email.net or email.dev:
On .dev have:

  • Forward the email to https://mail.google.com/a/forgottenempires.net
  • Deleted the the CNAME on the DNS for mail

On .net I have

What have I missed or have done wrongly?

A million thanks!

So I went back to the beginning when both were working but none of them seems to work now :sweat_smile: neither mail.f****.dev nor mail.f*******s.net

On the .dev, all three redirect me to the corresponding one on .net for now.

[email protected]:~$ curl -I mail.forgotten.dev
HTTP/1.1 302 Moved Temporarily
Date: Thu, 09 Jul 2020 15:04:50 GMT
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://mail.forgottenempires.net
cf-request-id: 03d5b4ae5f0000068a4d9bc200000001
Server: cloudflare
CF-RAY: 5b02f0909c62068a-LHR

[email protected]:~$ curl -I drive.forgotten.dev
HTTP/1.1 302 Moved Temporarily
Date: Thu, 09 Jul 2020 15:05:50 GMT
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://drive.forgottenempires.net
cf-request-id: 03d5b598c90000ce7386811200000001
Server: cloudflare
CF-RAY: 5b02f207acf4ce73-LHR

[email protected]:~$ curl -I calendar.forgotten.dev
HTTP/1.1 302 Moved Temporarily
Date: Thu, 09 Jul 2020 15:05:58 GMT
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://calendar.forgottenempires.net
cf-request-id: 03d5b5ba320000074e672ac200000001
Server: cloudflare
CF-RAY: 5b02f23d1e27074e-LHR

Then on the .net, they all redirect me to the Google address

[email protected]:~$ curl -I mail.forgottenempires.net
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Jul 2020 15:08:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=d3e635a1ac5b7d420b93cdf01b6bf283b1594307282; expires=Sat, 08-Aug-20 15:08:02 GMT; path=/; domain=.forgottenempires.net; HttpOnly; SameSite=Lax
Location: https://mail.google.com/a/forgottenempires.net
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 03d5b79d6a0000e6745616f200000001
Server: cloudflare
CF-RAY: 5b02f5424eb5e674-LHR

[email protected]:~$ curl -I drive.forgottenempires.net
HTTP/1.1 302 Found
Date: Thu, 09 Jul 2020 15:08:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=d8d9b6e5432ed92144777e1504a8da0601594307289; expires=Sat, 08-Aug-20 15:08:09 GMT; path=/; domain=.forgottenempires.net; HttpOnly; SameSite=Lax
Location: https://drive.google.com/a/forgottenempires.net
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 03d5b7b9220000ce63a8181200000001
Server: cloudflare
CF-RAY: 5b02f56e9bf1ce63-LHR

[email protected]:~$ curl -I calendar.forgottenempires.net
HTTP/1.1 302 Found
Date: Thu, 09 Jul 2020 15:08:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=d894d5bb7057b227d03178e46a93e64ce1594307299; expires=Sat, 08-Aug-20 15:08:19 GMT; path=/; domain=.forgottenempires.net; HttpOnly; SameSite=Lax
Location: https://www.google.com/calendar/hosted/forgottenempires.net
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 03d5b7deda00000736db1f2200000001
Server: cloudflare
CF-RAY: 5b02f5aaf8a90736-LHR