I’m using Cloudflare Pages and have a domain name purchased with Cloudflare as registrar.
Now, as far as I understand, in order to point my domain name (purchased with Cloudflare as registrar) to my website (deployed from GitHub to Cloudflare Pages), the only option is setting up a Custom Domain (Custom domains · Cloudflare Pages docs).
Is this really the only way in this specific case?
Also, I see that by default, when setting up a Custom Domain on Cloudflare Pages, Cloudflare sets the DNS CNAME to Proxy.
This will cause an higher response time due to the extra proxy hop. Isn’t so?
There’s no good reason to. As @cscharff mentioned, there’s no proxy hop. Cloudflare maps all hostnames to their destinations.
Custom Domain is essentially a Custom Hostname. If x.com actually points to another account via CNAME, as soon as a request for x.com comes into Cloudflare, that request immediately goes to the origin that hosts that requested hostname.
Again, as cscharff pointed out, no extra hop, so no higher response time. No reason to not use a Custom Domain.
Thanks @sdayman. I will go with Custom Domain then.
But I’ve noticed that – as I’m using Zero Trust to limit access to my *pages.dev to a few email addresses only – by using Custom Domain with CNAME pointed to my domain name, Zero Trust will block my domain name also. Do you know any workaround for this?
What is your objective? I’m unclear on your motivation. Are you wanting to allow public site access to vistors who arrive via your custom domain while simultaneously limiting access to anyone who uses the project.pages.dev name?
This won’t do exactly that, but might be close enough to do something that meets your goals.
Thank you @epic.network
Yes, I’d like to keep my *.pages.dev protected with Zero Trust in order to let my dev team preview the deployments before pubblication. I was looking before to this Bulk Redirects, I like it better than Single Redirect and I think I will use it. But I guess that the problem with Zero Trust protection on *.pages.dev is that even randomly generated hash for the preview deployment will be redirected. Isn’t so?
Yes, I was reading about the unckeck Include subdomains. It’s not clear to me how this will operate in effects, so I guess I will have to try it. In case, I will move the discussion to Zero Trust category. Thank you @epic.network