In BHF, there was a recent issue related to cloudflare where the browser screams the site is a phishing site. So I thought of writing up how does a service like cloudflare affect your blogger blog.
What is Cloudflare?
Well we have that written all over Wikipedia: Cloudflare. Let's go on with why Blogger users look for Cloudflare.
What is Cloudflare?
Well we have that written all over Wikipedia: Cloudflare. Let's go on with why Blogger users look for Cloudflare.
Anciently Blogger users used Cloudflare for one simple reason. HTTPS for custom domains.
So what happens when you introduce Cloudflare into your domain?
What is a DNS redirect?
I am trying to explain this in easy terms. I'll try not to be too technical. When a custom domain URL is hit, usually the domain requests go to Name servers from where the browser would obtain where the domain points to.
So normally, without cloudflare, when a URL is hit, it first goes to the respective name server to pull the DNS records. Usually to publish a blogspot address, we add 4 * A records and a CName record.
Let's consider CName alone for instance and so the mapped name is ghs.google.com. Therefore the www URL request is redirected to ghs.google.com and from there Google takes care of the publishing.
When it comes to cloudflare, when the same URL is hit, it first goes to the respective name server to pull the DNS records and turns out www URL will be mapped to an IP address provided by cloudflare. So, the request is redirected to this IP address (this is redirect number 1)
This IP address will be holding the SSL certificates required for HTTPS. Once this IP address receives the request, it redirects it to ghs.google.com or one of the four IP addresses. (this is redirect number 2)
(Please note that this is a rough idea and am not sure if just one redirect happens)
What happens when such redirects happen?
So what happens when you introduce Cloudflare into your domain?
DNS Redirect.Your custom domain will be configured with the proxy info provided by Cloudflare and when the request is hit, DNS redirect happens.
DNS redirect is bad for the site's health.A number of reasons, but the most important is that some browsers, when it detects a DNS redirection, it thinks that it is a phishing site.
What is a DNS redirect?
I am trying to explain this in easy terms. I'll try not to be too technical. When a custom domain URL is hit, usually the domain requests go to Name servers from where the browser would obtain where the domain points to.
So normally, without cloudflare, when a URL is hit, it first goes to the respective name server to pull the DNS records. Usually to publish a blogspot address, we add 4 * A records and a CName record.
Let's consider CName alone for instance and so the mapped name is ghs.google.com. Therefore the www URL request is redirected to ghs.google.com and from there Google takes care of the publishing.
When it comes to cloudflare, when the same URL is hit, it first goes to the respective name server to pull the DNS records and turns out www URL will be mapped to an IP address provided by cloudflare. So, the request is redirected to this IP address (this is redirect number 1)
This IP address will be holding the SSL certificates required for HTTPS. Once this IP address receives the request, it redirects it to ghs.google.com or one of the four IP addresses. (this is redirect number 2)
(Please note that this is a rough idea and am not sure if just one redirect happens)
What happens when such redirects happen?
- Affects your search engine visibility.
- Becomes a suspect of phishing site sometimes.
- Slows down the speed of your blog as it is through a proxy server.
and so on.
What to do if the blog becomes a phishing suspect?
Three steps to follow and you'll be good,
- Remove cloudflare or any other such service.
- Setup your custom domain DNS properly with 4 * A records and a CName record.
- After doing the above steps, report your blog itself in this link below,
https://safebrowsing.google.com/safebrowsing/report_error/
What do we do for HTTPS then?
If you had been a cloudflare-blogger user for a while now, I am aware you are going to ask me what would you do for HTTPS. Blogger itself supports HTTPS for custom domains which I hope should help. Kindly checkout and let me know.
If you had been a cloudflare-blogger user for a while now, I am aware you are going to ask me what would you do for HTTPS. Blogger itself supports HTTPS for custom domains which I hope should help. Kindly checkout and let me know.
Finally, if you want to know more about debugging custom domain related issues, check out my article below,
How to Blog?: Common issues where custom domain is involved.
(Image courtesy - lifewire.com & aws.amazon.com)
I just wanna say. This tips is very good. I want to try cloudflare on my site.
ReplyDeleteHi Afriant,
DeleteCloudflare for HTTPS redirect is not to be done. That is what the article is totally about. However you could try using cloudflare for other tools if that helps.
Thank you for your comments.
Just subscribed this blog waiting for more posts :)
ReplyDeleteHi Azulnauta,
DeleteThanks for subscribing. I just discovered your comment. You can keep seeing blog articles now and then here-on :-)
DNS redirects shouldn't be visible to the browser, since it all happens on the back-end, so this is a little bit confusing.
ReplyDeleteDNS redirects are supposed to be happening in the back-end but when it happens through cloudflare, it has it's disadvantages.
DeleteHi
ReplyDeleteHi there, am just checking comments. Sorry for the late reply. Hi. Is there anything I can help you with?
DeleteGood morning
ReplyDeleteBeautiful
ReplyDeleteThank you.
DeleteCao
ReplyDeleteGood
ReplyDeletegreat
ReplyDeleteGood job
ReplyDelete