web 2.0

Proxy DNS using CloudFlare

2/19/2025

After moving my domain from SquareSpace to CloudFlare, I lost the DNS configuration that pointed web traffic to Google Sites.  Following instructions in Google Workspace's admin support pages, I added four A records pointing to Google's IPs and a CNAME record for the www subdomain.  That then produced browser errors for "too many redirects" when browsing the domain so following this article, I changed CloudFlare's SSL configuration from the default setting, "flexible," to "full" or "full (strict)".  Then when browsing the naked domain, I got "SSL handshake failed" (error code 525).

To resolve, I started by turning on "always HTTPS" in CloudFlare's SSL edge certificates configuration settings and added two "always redirect" rules: (1) http to https, and (2) the naked domain to the www subdomain.  Then, following CloudFlare documentation I added a new A record pointing back to CloudFlare (192.0.2.1) and "proxied" that DNS record. Seeing this configuration worked, I turned on proxy for the CNAME record and then deleted the four A records that had pointed to Google's IPs, recognizing they were superfluous.  That then left the one A record and one CNAME record proxied.  I then added a custom URL in Google Sites to point the site to my domain, and a custom redirect rule for http:// requests to the naked domain (which wasn't necessary, since I told CloudFlare to use "always HTTPS").