Error 1000 - Cloudflare for SaaS Custom hostnames with origin

I am not able to setup the Cloudflare for SaaS Custom hostnames service with a origin.

I receive an Error 1000 “DNS points to prohibited IP” when attempting to go to a customer custom hostname.

Is compatible with the Cloudflare for SaaS Custom hostname product?

See setup steps below resulting in a Error 1000, HTTP 403 for customer domains.

Setup Steps

  1. In - Add a custom domain to web service
  1. In Cloudflare - Create a CNAME record for web service
  1. In - Confirm domain has been verified, cert issued/deployed

  2. In Cloudflare - Turn on proxy (orange cloud) for CNAME record

  • This is required by the Cloudflare custom hostname service
  1. In Cloudflare - Configure Custom hostname service
  • Go to Custom hostname service page
  • Configure with origin →
  • Go to SSL page - Turn on Full SSL
  1. In Cloudflare - Add custom hostname for a customer
  • Add to custom hostname
  • Verify ownership, wait for Cloudflare SSL to be deployed and issued
  1. In customer DNS registrar - Point to Cloudflare

Observe the following - Works as expected - Works as expected - Errors with Error 1000 - 403

1 Like

Hey Joel,

Thanks for the very thorough details - the hard thing is though being able to debug without actual domain names etc. Do you have a service setup like this so we can make queries and see?

It might be that replying here in a public forum isn’t ideal so contacting us via the dashboard via the ‘Contact Support’ link at the bottom is the best place to let us assist you with this,


John B

Thanks John for the quick reply. I understand. I’ll reach out with the Contact Support feature with the actual service URLs. :muscle:

ok, We’ll keep our eyes out for it.

John B

Hi we are facing very similar issue. I dropped a ticket and waiting hear back from render. Can you help with that please?

Hi, I’m having a very similar issue as well. I submitted a help ticket for this but I’m curious if anyone here has been able to get this working?

I have the same issue. Has anyone resolved this?

To close this out - We’ve confirmed with Cloudflare that our Cloudflare SaaS zone cannot be fronted by another Cloudflare SaaS zone - this is by their design.

It would result in a prohibited IP error.