Cloudflare?

Cloudflare is a company/service providing various web-based infrastructure, security, DNS and reverse proxy services. As seen through this wikipedia article.

I utilise cloudflare as a reverse proxy which helps to protect and help cache my website through features such as scrape shield which provides email address obfuscation, it also helps me collect basic analytics for the site so I can see how many unique visitors there are, where those requests are from etc. I don’t exactly need it, I can’t always tell what is a genuine visitor or an automated program but it’s pretty cool to have.

I also find it useful because it provides a free SSL certificate! Although as I found this has its limitations.

Configuring Subdomains

When creating my blog I decided I wanted to use a subdomain to separate the blog from my main portal site and it would be a bit of experience as I never had a need to create a subdomain.

On the AWS side I set up a bucket www.blog.jonathoncross.co.uk and another under blog.jonathoncross.co.uk, which would redirect to the www prefixed bucket as the host. However this caused a problem in the form of

 ERR_SSL_VERSION_OR_CIPHER_MISMATCH

which was a complete headache, I checked the SSL certificate and it appeared to me to cover every subdomain of my website in the form of

 *.jonathoncross.co.uk

This led me to contacting cloudflare support to inform me that Cloudflare Universal SSL does not support a second-level subdomain, which means that the “www” prefix had to go. Painfully obvious problem, took over a week to resolve. Shoutout to Michelle B from Cloudflare support who diagnosed and spelled out the problem for me extensively.

Configuring Custom Emails

A drawback of using Cloudflare to route my traffic through to my site is that they do not support email forwarding, which is exactly what I needed to quickly set up an email for my subdomain. To get around this I decided to use a free, open source tool in the form of Forward Email which for my use case I could use the free plan and everything was perfectly cool. This works by having some configuration at the DNS level, verifying this with forward email and you’re ready to go. Would recommend.

Conclusion

I thought I would just post some small woes and findings when I was setting up my site for future reference and if anyone else finds similar challenges.