Setup Mailgun with Cloudflare subdomain - cloudflare

I'm trying to setup my domain to receive emails through Mailgun and Cloudflare, and i think i'm really closest but can't make it work.
In Mailgun, i've all DNS verified:
I think the problem is in Cloudflare, configuring the subdomain (that Mailgun suggest me to create mg.mydomain.com)
I have not got any record related with the subdomain (mg.mydomain.com). Is any change i'm something?
Also, I already setup a Route in mailgun to redirect incoming emails to my email address.
Thanks in advance!

I found the answer here:
https://community.cloudflare.com/t/setting-mx-records-for-a-subdomain/4942/2
What you need to do is:
On Mailgun:
Setup a domain for your incoming email (e.g.: foo.example.com)
On Cloudflare:
Go to DNS
Add an A record for your subdomain (foo.example.com)
Add an MX record. For the first field (name), put: foo.
When you click 'click to configure', it will open a dialog box where you can put the values for mxa.mailgun.org
Repeat for mxb.mailgun.org

For the CNAME record, you just need to make sure that the status is configured as 'DNS Only' (the little cloud on the right is grey)

Related

DNS records cannot be found for SSL certificate using custom domain on GAE

I am trying to add a custom domain to GAE but Google is struggling to issue an SSL certificate for the naked domain, as it says the DNS records could not be found.
I have tried to map both the naked domain and the www subdomain. When I entered these in the GAE custom domain section I was given 4xA records (above), 4xAAAA records (above), and 1x CNAME record for the www subdomain.
I've entered all of these records at GoDaddy.
The www subdomain in GAE was able to verify the DNS records relatively promptly but the naked domain has not been able to for 4/5 days now.
When I use a DNS lookup tool to check the A records, for the naked domain I see:
...and the four records provided by GAE are there (the other two can't be deleted or edited at GoDaddy). So why is GAE saying the DNS records cannot be found?
And when I use the same tool to lookup the www subdomain I see:
...which I guess must be correct as the certificate has issue without any problems.
If I remove the naked domain from GAE custom domain mapping then users just see a Google generated 404 error message saying the URL was not found on their servers.
Without the SSL, I can navigate to the naked domain using HTTP and I get redirected to the www subdomain (not sure if this is GoDaddy domain forwarding or Django PREPEND_WWW in action - both are setup). But if I try HTTPS on the naked domain, I get a page cannot be displayed due to failing to establish a secure connection, therefore I really need to get to the bottom of the SSL issuing problem.
I am not sure where I am going wrong and would appreciate some suggestions.
The traffic is confused, that is why the naked domain is not working because it was pointing to 2 separate vendors (server) by using the A record one from godaddy and another one from GAE. What you are doing is correct by adding the A record from GAE to your godaddy DNS. However the A record from godaddy must be deleted.
Based from this link possibly there is a forwarding setup wherein your domain is lock from the godaddy’s A record. It was also mentioned in the link that if you don't have forwarding setup, you can reach for their assistance on this link
Another possible concern is that a preset has been set on the account that permanently forwards your domain. It was suggested to remove the preset or change the settings of the preset to unlock the A record.

Is there a way to way to control which CNAME gets what content?

My ultimate goal is to have free plan cname content, and premium plan cname content.
For example if someone has a cname of free.example.com set to my website I'd like to show them a specific page, and if premium.example.com I want to show them another page. Finally, I'd like to know if there is a way to add new cnames to my list so that I can have them view a certain page?
Just to make this more understandable this, I want to do something like https://www.gitbook.com/ do with their cnames, and cname serving.
You'll have to use the Host header from the user's request to identify which subdomain or cname they're visiting, and then showing them the desired content. If the subdomain such as free and premium are fixed, you could use Nginx server blocks or Apache virtual hosts to direct the user to specific application or application URI.
Likewise, you can get the Host header with req.hostname in Express. Based on the host, you can route the user to the desired content. You can add as much subdomains or cnames you wish and let your application control the content for the user based on the host. If your DNS host has an API (such as Cloudflare), you can add your subdomains programmatically, or you could do a wildcard subdomain to accept any subdomain.

New Google Domain won't connect to Heroku

I have followed all steps to set up my own Google domain that I purchased with Heroku. However when I have to enter the Synthetic Record Information I get an error that says:
This synthetic record has an error and will not function correctly:
The SSL Certificate for this domain hasn't been created yet. This process may take up to 24 hours to complete.
I am not sure what I did wrong. I selected to Temporarily redirect, do not forward path, and Enable SSL.
On the Heroku side the ACM status is labeled ask okay but when I click on the link to go to my webpage it does not work and I get an error from the browser that the server IP address cannot be found.
I have set up the CNAME and DNS target correctly as well.
You may need to add Custom resource records not Synthetic Record
And my other suggestion would be using Firebase if you purchased Google Domains.
They work well together. And Firebase provides free SSL too.

Forwarding mail from Cloudflare through Mailgun

I have a domain that is run through Cloudflare. I want to receive custom emails for my domain such as hi#domain.com. I want those emails to be forwarded to my personal gmail address.
I set up Mailgun with my domain, and it verified the MX, TXT, and CNAME records are set up correctly at Cloudflare. I set up a route on Mailgun to forward any mail sent to my domain to my personal gmail account. However, I am still not receiving email send to hi#domain.com.
I have set up mailgun using the recommended domain mg.domain.com
I have had a similar issue that turned out to be related to the Spam Experts system, called Professional Spam Filter in Cpanel. Within that subsystem under Incoming there is an Edit Route. That needed to be changed from the domain name to the Server name (name of the host server).
I tested it on two different domains and it worked instantly.

Pointing GoDaddy DNS to GitHub page uses http over https

I have my DNS settings as shown in the image
DNS Setting along with an additional CNAME with host www and value as my GitHub page. Next I setup a CNAME entry in my GitHub page with an apex entry to my domain. The issue I face is that whenever I visit my domain with an https protocol, it shows a warning that the connection is not secure. I get the following in Chrome:
NET::ERR_CERT_COMMON_NAME_INVALID
How do I fix this? I have both https and http access for my domain.
UPDATE: Github introduced custom domain support for HTTPS on May 1, 2018.
If you are using GoDaddy and want to upgrade to HTTPS, do the following:
Go to DNS settings for your site in your GoDaddy account.
Remove all existing A records.
Open a terminal and do dig +noall +answer <YOUR-USERNAME>.github.io. You should see a table listing 4 slightly different IP addresses:
On GoDaddy, create 4 new A records, each one pointing to one of the IPs. For host use # and set the TTL to a low user-defined value (if you are in a hurry).
Go to your page repository settings on Github, and clear the custom domain name and save. Wait a while (minutes).
When executing dig +noall +answer <YOUR-CUSTOM-DOMAIN> yields the 4 IP addresses that you entered in the A records, go back to the Github repository settings and re-enter and save your custom domain name (which you just cleared) in the custom domain cell.
Optionally, check the box Enforce HTTPS. But make sure that https://<YOUR-DOMAIN>is responsive first.
Make sure you have a CNAME record in your DNS settings also. Host should be www and it should point to your <YOUR-USERNAME>.github.io.
Make sure there is a file in your website repository named CNAME containing the name of your custom domain (in my case ulfaslak.com).
Reference
EDIT: Please see answer below by Arturo Herrero: https://stackoverflow.com/a/50203412/462015
GitHub pages does not support HTTPS for custom domains.
The only work around for doing so is to use an SSL provider as the middle man, such as Cloudflare. However, this would involve pointing your DNS name servers at Cloudflare's, which takes some time and complicates things.
If you want HTTPS support using GitHub pages you'll have to use GitHub's provided URL instead of your custom domain.
Another great option for static sites if you want custom domain name HTTPS is Amazon Web Services. You could set up an S3 bucket for your static website, configure CloudFront to distribute the static content, point your domain name at the CloudFront distribution, and use a free SSL certificate from Amazon's cert manager. This option comes out to less than $1/Month with a low-traffic website. A great in depth tutorial for that would be here.
I hope this answered your question! GitHub pages is a great hosting option, and it's not the end of the world if you decide to forget about HTTPS.
Custom domains on GitHub Pages gain support for HTTPS since May 01, 2018
https://blog.github.com/2018-05-01-github-pages-custom-domains-https/