Is it possible to use cloudflare without having them managing my DNS?
Solution 1
To clarify -- yes, we offer a CNAME pointing option that is available for paid level plans (business level and above) whereby you can point CNAME records through CloudFlare while continuing to use your own DNS. That being said, we operate a global DNS network with 23 data centers, and have routinely been shown by independent groups to be #1 or #2 in terms of fastest DNS resolution among all DNS providers so I'm not entirely sure why you wouldn't want to use our DNS network.
http://www.solvedns.com/dns-comparison/2012/11 http://www.solvedns.com/dns-comparison/2013/01
p.s. I do work for CloudFlare so these details above are accurate.
Solution 2
Not in the free plan.
If this is an issue, I can suggest you to try our service (Incapsula). We offer similar CDN capabilities and provide CNAME-only setup option for all free and paid customers.
Having said that, while the services are similar, there are some notable differences you should be aware of.
CF is Faster - We both use CDN for proxy and cache acceleration and we both provide content optimization but CF offers more POPs (23 to our 15) and it will provide 4-5% more speed boost. (http://www.sitepoint.com/battle-of-cdn-comparing-cloudflare-incapsula/)
Incapsula is Safer - Incapsula is much more security focused with features like PCI compliant WAF and Backdoor Shell Protection. Overall, we can counter ~95%-98% of all malicious requests (SQLI, XSS and so on) and will identify ~99% of bat bots, through challenges and signatures.
(http://tonyonsecurity.com/2012/11/13/protecting-your-website-cloudflare-or-incapsula/)
If you need the extra speed, you should consider CF paid plans. After all, they do a pretty good job in the acceleration department. If you prefer the free program or prefer tighter security, Incapsula might be a better choice.
Solution 3
No, CloudFlare works by firstly hosting authoritative nameservers for your sites. This is a fundamental part of its operation.
It does this so it can anycast out different IP addresses for initial DNS lookups for content; these go to CloudFlare's datacentres (as of 2010 they had 23 across the world, probably more now). They cache static content with a short expiry time; for non-cached content their servers proxy through requests to the actual server then forward them with some optimisation and compression.
If you don't allow the CloudFlare network to assume NS authority and become the intermediary between a user and your server, your CloudFlare account's about as useful as a chocolate teapot. ;-)
See http://www.quora.com/CloudFlare/How-does-CloudFlare-work for a very detailed response from the CloudFlare CEO to a very similar question.
Related videos on Youtube
28 : 15
![How To Setup Cloudflare DNS [FAST] Add Your Domain to Cloudflare DNS Server](https://i.ytimg.com/vi/oBONjM3OXuc/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLB_2uGSj40rCoJLtTI5Tg27cGHnHg)
07 : 04
![How to Setup Cloudflare DNS (2022 update) [FAST]](https://i.ytimg.com/vi/XQKkb84EjNQ/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLCxFQRxGtjdDBr15FGvZQiWh8W4Ww)
05 : 26
06 : 26
02 : 43
sharp12345
Updated on September 18, 2022Comments
-
sharp12345 over 1 year
I need to use cloudflare without having them managing my DNS, My DNS server have much more options that I do need.
Instead of setting cloudflare as my dns server, I have added it as a NS record from the
wwwsubdomain only.And at my DNS server I have added a forward from
domain.comtowww.domain.com.It appears to be working fine, however, my cloudflare is giving me:
"websites" -->
"Finishing up. Waiting for your name servers to change to ***** Please allow up to 24 hours to complete this process (info)"
"dashboards" -->
"Analytics data could not be loaded.
You do not have any initialized zones"
Is there anything I need to worry about here ?
-
Admin about 11 yearsIf using your own name servers you should'nt need to touch the NS records to point to cloudflare at all. Simply use www as a cname with @ and then at the a record @ ipaddress additional is that domain forward a standard 301 redirect? have you checked? in regards of that cloudflare message simply message them I'm sure they can turn that off or least there will be an option too otherwise. -
Admin about 11 yearsIf you don't point your domain to CloudFlare (using your own DNS) then CF will tell you it is still waiting FOR you to point to theirs. So, if you add a domain to CloudFlare and then DON'T USE CF, then CF will think you haven't changed the DNS to them (which is correct). By using your own DNS, you shouldn't have anything to do with CF.
-
-
thebeagle about 11 yearsHow does Incapsula meet the requirements for PCI compliance? I've had to recently handle renewing our own PCI certification at work so I know it's no simple task for any of the parties involved where data handover potentially involves sensitive personal & card details.
-
Igal Zeifman about 11 yearsSorry, didn't see the reply until now. We offer the only cloud based PCI compliant WAF - this helps deal with (the dreaded) clause 6.6 of the bill. Basically we offer 60$ solution to a thousand dollar problem. More info here: incapsula.com/tour/pci-compliance -
Nathan Lee over 10 yearsYou are assuming everyone wants the CDN part of cloudflare. If you just want DDOS protection a CNAME should be sufficient. See the answer from xxdesmus.
-
xxdesmus over 10 yearsJust to comment on @NathanLee's point. Using the CNAME setup is not at all recommended if you're being attacked. A CNAME setup by definition only means CloudFlare will be active on your CNAME records -- not your A records, and your origin is going to be an A record. If you're being attacked or concerned about being attacked using CloudFlare for your authoritative DNS is without a doubt the superior/safer option.
-
Simon East over 9 yearsApparently CloudFlare just received PCI certification: blog.cloudflare.com/cloudflare-is-pci-certified
-
robocat over 9 yearsPerhaps also check results for other months (not just the two best months that xxdemus chose). Also SolveDNS only measures from "Los Angeles, Dallas and New York" so results are definitely not international. Also I think the numbers could be gamed by some providers: "How do we collect the data: Every month, there are thousands of users that use SolveDNS as their DNS testing tool. Each DNS query is timed and logged." Quotes from solvedns.com/dns-comparison with edits by me.
-
Mike Marynowski almost 6 yearsIs this answer still current? From what I can tell Incapsula does not have a free tier of service aside from a trial.
-
Simon over 5 yearsHey! We manage hundreds of web sites. We use OpenSRS for DNS and we are HAPPY. We where looking with interest CloudFlare but if we have to use a 2nd DNS, it is quite sad. :(
