Using Cloudflare Without Changing your Name Servers – Partial CNAME Zones

Content Error or Suggest an Edit

Notice a grammatical error or technical inaccuracy? Let us know; we will give you credit!

Introduction

Can I use Cloudflare without changing name servers? If you’ve ever been in a situation where you wanted to use Cloudflare services for a domain name, but you couldn’t change the name servers on the domain.

Or you had done what is described in the Facebook post below. Multiple clients point their domain names to your server, and you want to use a CNAME so that if your server goes down you can change the CNAME record. But some of your clients don’t want to move their DNS to Cloudflare, what do you do?

Image 2022-03-18 at 12.28.09 PM

Why can’t I point the domain to a Cloudlfare-protected record?

So, the issue is that Cloudflare can only deal with domain names if they’re set up in their system. So, trying to point a domain name not configured on Cloudflare to a protected IP will result in an error due to the Cloudflare system not knowing about the original domain name. This will result in Cloudflare returning a 10116 error.

What are the possible solutions?

There are many possible solutions that you can use to use Cloudflare on a domain name without updating the domain name servers. The following are the possible solutions.

Partial CNAME Zone

Cloudflare provides a Partial CNAME zone, which allows you to have a DNS zone that doesn’t require changing your name servers. You have to create a TXT record to verify ownership. Here’s a screenshot of the Overview page on Cloudflare domain that is setup as a Partial CNAME zone.

When using the Partial CNAME zone method, you must ensure the domain name’s existing DNS provider supports ALIAS records or CNAME Flattening on the domain name’s apex record. This is due to the fact that Cloudflare requires that both the apex record (@) and any other records are CNAME’s pointing back to Cloudflare. There is no way to use an IP Address to point back to Cloudflare unless you use the Cloudflare SaaS service.

The Partial CNAME zone works by using a zone suffix per the screenshot below. I’m using the domain name wpinfo.net in this example.

When you create DNS records in the new Partial CNAME zone, simply point your records to an IP or host and ensure that you have proxy enabled for these records. You then go to the DNS provider for the domain name in question and create and ALIAS or CNAME for each record.

wpinfo.net -> wpinfo.net.cdn.cloudflare.net
www.wpinfo.net -> www.wpinfo.net.cdn.cloudflare.net

You’ve now successfully set up your domain name to use Cloudflare Partial CNAME zones, and you can control all the Cloudflare features on the DNS records of your choice.

DNS Providers that support ALIAS and CNAME Flattening

The following providers support ALIAS and CNAME Flattening at the time of this writing.

  • Hexonet – X-ALIAS support.
  • NS1
  • AWS
  • Hurricane Electric
  • CSC DBS
  • noc.org
  • ClouDNS
  • Name Cheap

DNS Providers That Don’t Support ALIAS or CNAME Flattening

The following providers don’t support ALIAS and CNAME Flattening at the time of this writing.

  • Porkbun – Utilizes Cloudflare for its DNS infrastructure.
  • Network Solutions – Doesn’t seem to be supported. Need clarification.

How to Create Partial CNAME Zones

There are a few options to create Partial CNAME zones within Cloudflare. You might have realized that you can’t create Partial CNAME zones from a regular Cloudflare account. I’ve listed the options available to create Partial CNAME zones.

1. New Agency / Self-Serve Partner Program (Free-$1000/year)

A new Self-Serve Partner Program was released to replace the Hosting Partner program and provide new features and support.

  • Multi-Tenant Account Support
  • Centralized Self-Serve Billing
  • Access to the full catalogue of Cloudflare Self-Serve Products and add-ons
  • Self-Service Plan Discounting
  • No Upfront Commitments

You can read more about the Agency / Self-Serve Partner program at the following links.

Partial CNAME Zones Available in the Partner Program via the Cloudflare API

You can set up Partial or CNAME Setups for Domains. It’s not detailed in any documentation, but you will receive this from the self-serve beta team.

During the beta, there are some things to keep in mind:

  1. Partial or CNAME Setups for Domains

Many of our customers leverage our Authoritative DNS solution. If your customer prefers to maintain their authoritative DNS and you need to set up a partial or CNAME-only domain, you can do so via the API using the optional ‘type’ parameter with a value of ‘partial’ to the tenant create account API call.

OR

Once the account and zone are created, your account will have the entitlements to convert to a CNAME via the dashboard.

Cloudflare Partner Program Fee In the Future

Also, be aware that there will eventually be a $ 1,000/year charge for this program.

Q: Is there a fee or other requirement?
There is no fee during the open beta. As we move to early and general access in 2023, there will be $1000/year annual program fee required for platform access and onboarding.

https://www.cloudflare.com/cloudflare-partners-self-serve-program-closed-beta/
2. Become an Enterprise Partner

The enterprise partner program is still available for those looking to become an implementation or integrator preferred partner. Here are a couple of links for reference. I’m not 100% sure if this gives you access to create Partial CNAME zones.

Cloudflare Enterprise Partner Program

3. Cloudflare Business or Enterprise Account ($200-$500/month)

You can set up a Partial CNAME zone with a Cloudflare Business or Enterprise account. Here are the instructions

This KB answers the question about how to use the Partial CNAME

Can I use Cloudflare without changing my nameservers to Cloudflare?

4. Become a Hosting Partner or utilize an existing Hosting Partner (Discontinued)

You can become a Hosting Partner or use a hosting partner. Most people do this when they want to use the cPanel / WHMCS integration. But you can also add domains using the API and manage them.

This actually works well with WHMCS, but you don’t get all the Cloudflare goodies, unfortunately. You can sign up as a Hosting Partner on the Cloudflare website.

UPDATE: The Hosting Partner program and its APIs have been discontinued.

To make way for the new, we first must discuss the end-of-life of some of Cloudflare’s earliest APIs. Built and launched in 2011, our Hosting and Optimized Partner Programs allowed our initial CDN and DDoS solutions to expand to brand-new audiences around the globe. These APIs were essential for fueling growth in the earliest days of Cloudflare supporting reseller partners, hosting partners, and external plugins that helped make implementing Cloudflare easier than ever. On November 1, 2022 – Cloudflare will be discontinuing support for our Host and Reseller APIs. 

https://blog.cloudflare.com/self-serve-partners-beta/

Cloudflare SaaS (Alternative to Partial CNAME zone, supports IP for Apex record Enterprise Only)

Cloudflare SaaS is another product that doesn’t require name server changes. You set up a dedicated domain for your SaaS service (Ultimo or WordPress Multi-site) and then manually add each client’s domain via API.

The clients then add a TXT record and then point their domain name to your provided SaaS CNAME, and an SSL certificate will be generated.

Announcing Cloudflare for SaaS for Everyone
Before today, SSL for SaaS was only available to Enterprise customers. Today, we are excited to announce that our SaaS solution is available to everyone. And to reflect the evolution of the product since it was first released, we’re changing the name: Cloudflare for SaaS.
blog.cloudflare.com

APEX Proxying with IP’s

If your DNS service doesn’t support the ALIAS record type or CNAME Flattening on a domain name’s apex record, then you can upgrade to Enterprise and either pay for your own IP’s or BYOD.ou can read more about Cloudflare SaaS at the following links.

Apex proxying · Cloudflare for Platforms docs
Apex proxying allows your customers to use their apex domains (example.com) with your SaaS application.
developers.cloudflare.com

Conclusion

The Self-Serve / Agency Partner program is attractive if you need a Partial CNAME zone setup. It’s free, and as you grow, you’ll gain more. Another option is Cloudflare SaaS if it works with your goal and the DNS service doesn’t support ALIAS or CNAME flattening. If you can splurge $200/month on Cloudflare Business, then the Partial CNAME zone setup will work.

Changelog

  • 09-01-2023 – Added DNS providers that support and don’t support ALIAS record and CNAME Flattening.
  • 08-31-2023 – Entire rewrite to be more cohesive, including screenshots.
  • 02-22-2023 – Partial rewrite to remove inaccuracies and include other solutions.
0 Shares:

You May Also Like
Read More

How to Silence Netdata Alarms

Understanding Netdata Alarms Before silencing an alarm, it’s crucial to understand how Netdata alarms work. Netdata provides a…