Using Cloudflare DNS Integration for Client Domains?

lcs

I'm trying to understand the Cloudflare integration. If I create a new website called domainname.com it wants me to add the enhance DNS servers, which I understand. Is there a way to let it control the DNS via the Cloudflare API integration so that Cloudflare and proxying can still work? Cloudflare stops working when we change the DNS.

twest

lcs after you add the integration you then have to go into the domain's dns in the domains section and click the drop-down menu to select the API, which activates the integration. Make sure the dns in the dns manager is what you want, because as soon as you activate the api using the drop-down Enhance will take over the dns management (pushing whatever is in enhance dns manager out to CF, deleting whatever was previously at CF).

After the API integration is activated, then you can click on records in enhance dns manager and turn on proxy as needed.

xyzulu

See https://enhance.com/docs/dns-role/dns-cloudflare.html
In this scenario your domain must point to it’s Cloudflare nameservers, not your Enhance nameservers.

slimx

A simpler way to explain it:

Add CloudFlare API key to ENHANCE customer account
Go to Customer Website > Domains > Click on CLOUDFLARE INTEGRATION
Any Edit you do on ENHANCE DNS settings will now work
You enable proxy INSIDE Enhance DNS page

Note: If you change something on CloudFlare after doing this, Enhance may override it if you make a change. So all DNS changes (even when on CloudFlare) must be done through Enhance.

bdd

slimx

did you manage to access wordpress admin site when cloudflare proxy is turned on?
I'm only able to access admin when cloudflare proxy is turned off. this is the same when enhance's cloudflare integration is turned off, and all changes are made manually on cloudflare

twest

bdd what's the speçific error you get? Theres many misconfigurations you may have that aren't compatible. For example, you'll want to make sure the SSL setting in Cloudflare is set to Full. I think it sometimes defaults to flexible or strict, and that will give errors.

bdd

twest
changing from the default flexible to full works!

thanks!

lcs

I got this integration working when I'm using a TLD with Enhance, and it was a test domain, so I didn't mind letting it go to see what it could do. It's pretty slick! Thanks for that.

When I tried to do a development sandbox (new Wordpress site for a client that is not yet hosting with us) I added a website called dev.myenhancetld.com (i.e. cp.myenhancetld.com is also a subdomain). No matter what I did, the Cloudflare integration wouldn't take. I was selecting the same API key that the Enhance top-level control panel has been using fine. The error I get is: "Failed to connect Cloudflare API token: CloudFlare returned error code 0, message: Requires permission "com.cloudflare.api.account.zone.create" to create zones for the selected account". This happens even when I assign additional permissions to the API key Like Zone😃NS:Edit, Zone😃NS:Settings, and others.

I manually added dev.myenhancetld.com and added to NS records (glue records I think?) to dev.myenhancetld.com and that got it working. I had to click in and reissue SSL, but it's up and running. Not sure what happened there.

I know that this is meant to be more of a reseller control panel, and requires full DNS handoff. The Cloudflare integration makes this still workable for me, however it would be nice to be able to import the current DNS setup with Cloudflare so it doesn't get overwritten with invalid DNS records. For example we have no intention of hosting any email with Enhance, so we wouldn't want any autodiscover, MX, or other TXT records entered. I don't have the email role installed, but it looks like my test domain still got all of that. I wonder if there's a way to adjust/control for that.

xyzulu

lcs dev.myenhancetld.com

Adding a subdomain is always going to be a problem with the current Cloudflare integration implementation. You will need to add it manually, either to the Enhance zone for myenhancetld.com (if that is integrated with Cloudflare) or to Cloudflare manually... as you have discovered.

lcs however it would be nice to be able to import the current DNS setup with Cloudflare so it doesn't get overwritten with invalid DNS records

This has been requested a number of times. It doesn't appear to be a priority for Enhance, but sometimes it's hard to know.