Noob trying to setup CF with very basic questions

Hi there,

Maybe someone can help me with the following questions. But before, here’s my setup:

  • My registrar is namecheap (NC), with whom I’ve got my domain. com
  • My webhoster ist Fastcoment (FC).

My current namesevers (NS) are pointed to FC (webhoster) and I believe I have a few separate records that were created on my webhosters side (e.g. MX, spmx.l.google com, DKIM1 etc.) pertaining to to my Google GSuite/Gmail so that I can mail from my domain.com via Google Suite.

Now here’s what I want to do…ideally:

  1. Use CloudFlare (CF) to speed up my domain for vistors.
  2. My GSuite/Mail should still be reachable and have interruption period.
  3. Everything else, like my domain.com should still be accessible to visitors.

Is there a problem if I change my NS records with NC from FC to CF? Will everything stay the same, except for CF being my CDN?

Thanks for any help! Best to explain any answers for 4 years olds.

1 Like

Let’s start from the beginning here.

  1. Add the domain to Cloudflare, select your plan (recommending Free, then upgrade as needed).
  2. Before changing the name servers Cloudflare should add a bunch of your current records (MX, A, AAAA, TXT, etc. for some of the most common records), but check when it prompts you and then in the Cloudflare Dashboard under DNS that all the records match the current one. Everything should match. Everything. Consider switching everything to :orange:, excluding records which are related to e-mails, SSH, FTP, etc. or better things you need to access with non standard ports that are not supported by Cloudflare (more info: https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-).
  3. At this point change the NS at the Registrar (Namecheap). Everything should work, if you need HTTPS and you have already activated it switch the records to :grey: until the certificate has been issued (the domain must be switched to CF’s NS and it must be active on CF’s Dashboard. Switch back when issued in the SSL tab.)

Almost forgot: if you need SSL configuration after that ask away.

6 Likes

Hello Metteo,

thanks for clarifying.

I took a look at my current records and the DNS entries in CF.

Current records with FC

DNS Entries in CF
see next post for these entries

They all match up, except the ones from my add-on domain from my webhoster (here FC is my registrar for this add-on domain). I currently don’t care if my add-on domain is on CF or not, just want mydomain.com on there. So it’s safe to assume that I can leave this out? Can you check the settings?

Also, I have a Let’s Encrypt SSL cert on the domain, which I would like to keep/leave untouched. Does that effect anything? Or do I have to do anything? I don’t see any entry for that SSL…

DNS Entries in CF

If it’s a different domain, as in example-2.com vs. yours which is example-1.com then leave it there and don’t add anything to CF, if it’s subdomain.example-1.com, so a subdomain of your own domain then do add the records to CF. No records regarding your domain will work if left at the previous DNS provider.

The certificate is best left there, it should also be kept up to date and valid. Then remove all :orange: (by clicking on them and making them :grey:) from the DNS tab in Cloudflare. In the SSL tab of CF’s Dashboard there is an SSL setting (should be Flexible now, probably): change that to Full (Strict). This will make (other than @sandro happy) your connection fully encrypted from user to server, passing via CF.

Once in that page says that the certificate is active turn the :grey: to :orange: for the record you want proxied/protected/cached by CF. I expect most of them, except those I said before.

4 Likes

Ok, just to get this right:

  1. I go to the DNS tab of CF and click on the two :orange: clouds to make them :grey:
  2. The SSL setting in my Crypto tab on CF is currently Full (Strict) - I didn’t change anything - I promise :slightly_smiling_face:
  3. I now switch my nameserver form FC to CF

That correct? And is the sequence correct?

Truly appreaciate you explaining this to a complete noob like myself! :+1:

Correct.

it may have defaulted there due to the presence of a valid certificate.

I’m just confused by the two A-records for www.mydomain.com and mydomain.com that are currently :orange:. Doesn’t that mean that these two entries are going through CF? :orange: just implies to me that CF is “on”, no?

Or do I turn them on after the nameservers have been changed? Sorry, if I’m asking this.

You turn them off now, nothing is passing through CF at the moment (regardless of :orange: or :grey:) as the NS at the registrar point somewhere else. After the certificate has been issues (<24hrs, often much less, but you might never know, check as explained above) you turn them on again.

OK, thanks!

Seems to be active now (received mail from CF). SSL cert ( Universal SSL Status Active Certificate) is still on Full (strict) and active.

You should be able to turn the records to :orange: now.

This topic was automatically closed after 31 days. New replies are no longer allowed.