Maybe someone can help me with the following questions. But before, here’s my setup:
My registrar is namecheap (NC), with whom I’ve got my domain. com
My webhoster ist Fastcoment (FC).
My current namesevers (NS) are pointed to FC (webhoster) and I believe I have a few separate records that were created on my webhosters side (e.g. MX, spmx.l.google com, DKIM1 etc.) pertaining to to my Google GSuite/Gmail so that I can mail from my domain.com via Google Suite.
Now here’s what I want to do…ideally:
Use Cloudflare (CF) to speed up my domain for vistors.
My GSuite/Mail should still be reachable and have interruption period.
Everything else, like my domain.com should still be accessible to visitors.
Is there a problem if I change my NS records with NC from FC to CF? Will everything stay the same, except for CF being my CDN?
Thanks for any help! Best to explain any answers for 4 years olds.
Add the domain to Cloudflare, select your plan (recommending Free, then upgrade as needed).
Before changing the name servers Cloudflare should add a bunch of your current records (MX, A, AAAA, TXT, etc. for some of the most common records), but check when it prompts you and then in the Cloudflare Dashboard under DNS that all the records match the current one. Everything should match. Everything. Consider switching everything to , excluding records which are related to e-mails, SSH, FTP, etc. or better things you need to access with non standard ports that are not supported by Cloudflare (more info: https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-).
At this point change the NS at the Registrar (Namecheap). Everything should work, if you need HTTPS and you have already activated it switch the records to until the certificate has been issued (the domain must be switched to CF’s NS and it must be active on CF’s Dashboard. Switch back when issued in the SSL tab.)
Almost forgot: if you need SSL configuration after that ask away.
They all match up, except the ones from my add-on domain from my webhoster (here FC is my registrar for this add-on domain). I currently don’t care if my add-on domain is on CF or not, just want mydomain.com on there. So it’s safe to assume that I can leave this out? Can you check the settings?
Also, I have a Let’s Encrypt SSL cert on the domain, which I would like to keep/leave untouched. Does that effect anything? Or do I have to do anything? I don’t see any entry for that SSL…
If it’s a different domain, as in example-2.com vs. yours which is example-1.com then leave it there and don’t add anything to CF, if it’s subdomain.example-1.com, so a subdomain of your own domain then do add the records to CF. No records regarding your domain will work if left at the previous DNS provider.
The certificate is best left there, it should also be kept up to date and valid. Then remove all (by clicking on them and making them ) from the DNS tab in Cloudflare. In the SSL tab of CF’s Dashboard there is an SSL setting (should be Flexible now, probably): change that to Full (Strict). This will make (other than @sandro happy) your connection fully encrypted from user to server, passing via CF.
Once in that page says that the certificate is active turn the to for the record you want proxied/protected/cached by CF. I expect most of them, except those I said before.
I’m just confused by the two A-records for www.mydomain.com and mydomain.com that are currently . Doesn’t that mean that these two entries are going through CF? just implies to me that CF is “on”, no?
Or do I turn them on after the nameservers have been changed? Sorry, if I’m asking this.
You turn them off now, nothing is passing through CF at the moment (regardless of or ) as the NS at the registrar point somewhere else. After the certificate has been issues (<24hrs, often much less, but you might never know, check as explained above) you turn them on again.
, excluding records which are related to e-mails, SSH, FTP, etc. or better things you need to access with non standard ports that are not supported by Cloudflare (more info: 
until the certificate has been issued (the domain must be switched to CF’s NS and it must be active on CF’s Dashboard. Switch back when issued in the SSL tab.)
now.