Background
I am not able to setup the Cloudflare for SaaS Custom hostnames service with a render.com origin.
I receive an Error 1000 “DNS points to prohibited IP” when attempting to go to a customer custom hostname.
Question
Is render.com compatible with the Cloudflare for SaaS Custom hostname product?
See setup steps below resulting in a Error 1000, HTTP 403 for customer domains.
Setup Steps
- In render.com - Add a custom domain to web service
- Render domain: myapp-123.onrender.com
- Custom domain: origin.myapp.com
- Get instructions to add a CNAME record to DNS registrar
- In Cloudflare - Create a CNAME record for render.com web service
- name: origin
- value: myapp-123.onrender.com
- Proxied (Orange cloud): No
-
In render.com - Confirm domain has been verified, cert issued/deployed
-
In Cloudflare - Turn on proxy (orange cloud) for origin.myapp.com CNAME record
- This is required by the Cloudflare custom hostname service
- In Cloudflare - Configure Custom hostname service
- Go to Custom hostname service page
- Configure with origin → origin.myapp.com
- Go to SSL page - Turn on Full SSL
- In Cloudflare - Add custom hostname for a customer
- Add app.acmeinc.com to custom hostname
- Verify ownership, wait for Cloudflare SSL to be deployed and issued
- In customer DNS registrar - Point to Cloudflare
- Create a CNAME pointing to Cloudflare
- Name: app (acmeinc.com)
- Value: origin.myapp.com
Observe the following
https://myapp-123.onrender.com - Works as expected
https://origin.myapp.com - Works as expected
https://app.acmeinc.com - Errors with Error 1000 - 403
