25

How can you test CloudFlare without changing your domain's name server?

I would not want to change my domain's name server and wait hours for propagation only to find out there is a issue with the DNS settings.

Can you spoof a nameserver or something on a local hosts file?

cappuccino
  • 2,175
  • 5
  • 26
  • 48

2 Answers2

39

Yes, you should be able to test before you change your name servers. Here's what to do:

  1. Signup at https://www.cloudflare.com/sign-up and complete the signup through Step 4 when you're asked to update your name servers.
  2. Note the two name servers you are provided which will be in the format [name].ns.cloudflare.com.
  3. From a terminal, do a lookup to get the IP addresses your domain has been assigned. In Linux/Unix it'd be: dig @[name].ns.cloudflare.com yourdomain.example
  4. Repeat step 3 with all the subdomains you want to check.
  5. Update your localhost record to resolve the domain(s) to the IPs you found with the lookup.
  6. Browse the site from the same machine where you did the localhost update and traffic should pass through CloudFlare.

While this will work for a while, after 24 hours CloudFlare's system may detect that your name servers haven't updated and, in some cases, may return an error. However, this technique should allow you basic testing before you update your name servers.

Stephen Ostermiller
  • 23,933
  • 14
  • 88
  • 109
Matthew Prince
  • 414
  • 4
  • 2
  • Thanks, cloudflare not working yet, but at least found out before going live. will troubleshoot via tech support. – cappuccino Jul 30 '12 at 09:50
  • 1
    By "update your localhost record", do you mean modifying `/etc/hosts` on UNIX? – Flimm Oct 06 '15 at 08:55
  • 4
    I get "ERR_SSL_PROTOCOL_ERROR" when trying this – sjosen Nov 09 '15 at 18:53
  • Thanks @Matthew Prince – aserww106 Feb 02 '16 at 21:53
  • @sjosen It seems the answer to this question may answer the ERR_SSL_PROTOCOL_ERROR problem: https://stackoverflow.com/questions/25782409/cloudflare-rails-ssl-error – Thomas Jul 21 '16 at 13:48
  • BTW, for those that need it, you can do a dig operation online https://www.digwebinterface.com/ and the windows hosts file is found C:\Windows\System32\drivers\etc\hosts where you just add a line (Ex. IPfromDig myawesomesite.com www.myawesomesite.com) - make sure you open the hosts file as admin if on windows (aka, open notepad first as admin and use notepad to open the hosts file) – Dima Dec 06 '16 at 02:44
  • I know old thread but useful to clarify that @filmm - yes, that's correct - your local dns record in your hosts file e.g. see here: https://www.rootusers.com/how-to-use-the-hosts-file-to-fake-dns/ – SolaceBeforeDawn Jun 06 '17 at 00:55
  • When I try the above method and then try accessing localhost, I see a page from Cloudflare saying 'Direct IP Access not allowed'. It further says 'A valid Host header must be supplied to reach the desired website.'. When I manually modify the host header for HTTP request, I see the expected page response. But I can test this only for that HTTP resource. – Punit S Apr 06 '18 at 07:08
  • 2
    If using Windows, you can use the following as an alternative to dig in Powershell 3.0+: Resolve-DnsName -Name [domain] -Server [name].ns.cloudflare.com (credit: https://stackoverflow.com/a/44372558/3115559) – Oleg Fridman Jul 03 '18 at 16:34
  • 2
    This no longer works, CloudFlare changed their NS behaviour. Maybe this should not be the accepted answer anymore, or it should be updated. – Joel Davis Aug 19 '20 at 03:26
7

To save future users from some headache, the above answer doesn't work anymore: https://community.cloudflare.com/t/ip-on-cloudflare-nameserver-is-not-masked-despite-orange-cloud/76137

From my understanding, you now need to change your nameserver.

with
  • 91
  • 1
  • 3
  • Link-only answers are discouraged on Stack Overflow, as they are rendered useless if the link stops working for whatever reason. You should [edit] your answer to include the most important points that are relevant to the question in the answer itself. – Hoppeduppeanut Apr 16 '19 at 02:38