Setting Up and Managing FQDNs
What is an FQDN?
A Fully Qualified Domain Name (FQDN) is the complete domain name that uniquely identifies a resource (like a server or website) on the internet. It includes both the hostname and all necessary domain levels, making it a full address that can be used to route requests accurately.
For example:
- FQDN: www.example.com
- Host: www
- Domain: example.com
The FQDN ensures that each internet request is directed to the right destination by specifying the exact path in a domain’s hierarchy. This prevents routing errors, which could otherwise occur in larger networks.
Setting Up an FQDN
You can set up your FQDN with your DNS provider. The detailed steps below cover setting up an FQDN with Cloudflare.
If you don’t have a Cloudflare account, you can sign up for a trial to follow along.
Setting Up an FQDN with Cloudflare
Step 1: Sign Up for a Cloudflare Account
- Go to Cloudflare’s signup page.
- Enter your email address and create a secure password.
- Follow the instructions to confirm your account.
A strong password is essential as your DNS configuration impacts the security of your domain.
Step 2: Add Your Domain to Cloudflare
- In the Cloudflare dashboard, click “Add a Site”.
- Enter the domain you want to manage (e.g., example.com).
- Cloudflare will scan for existing DNS records. Review these records to ensure they’re correct, as any mismatches may lead to misconfigured routing.
Step 3: Configure DNS Records
DNS records define where and how traffic should reach your server. The following are the main record types you’ll typically configure:
- A Record: Maps your FQDN to a specific IPv4 address (e.g., 93.184.216.34).
  - Example: An A record for www.example.com pointing to 93.184.216.34 would direct requests to that IP.
- CNAME Record: Points your FQDN to another domain, serving as an alias.
  - Example: A CNAME record pointing blog.example.com to www.example.com allows requests for the blog to resolve to the same IP as www.example.com.
- MX Record: Used for routing email to your domain’s mail server.
  - Example: An MX record pointing example.com to mail.example.com.
- TXT Record: Used for domain ownership verification, security policies (like SPF and DKIM for email security), and other text-based information.
  - Example: A TXT record with SPF data to authorize email senders.
Adding a DNS Record in Cloudflare
- In the DNS section of your Cloudflare dashboard, click Add Record.
- Select the record type (e.g., A, CNAME).
- Enter the name (hostname or subdomain) and content (target IP or domain).
- Set the TTL (Time to Live) as needed (default values typically work well).
- Click Save to apply the record.
Documentation: Creating and Managing DNS Records in Cloudflare
Step 4: Enable Required Settings in Cloudflare for FQDN to Work
To ensure your FQDN functions securely and efficiently, configure SSL/TLS settings, caching, and WAF custom rules in Cloudflare.
SSL/TLS Configuration
SSL/TLS certificates help encrypt communication between your visitors and your server, protecting data in transit. Cloudflare provides several SSL options:
- Flexible SSL: Encrypts traffic between Cloudflare and your visitors, but not between Cloudflare and your server, so that leg travels as plain HTTP.
- Full SSL: Encrypts traffic both between Cloudflare and your visitors and between Cloudflare and your server. Your server must have an SSL certificate, which can be self-signed because this mode does not validate the certificate.
- Full (Strict) SSL: Encrypts traffic similarly to Full SSL, but requires a valid SSL certificate on your server signed by a trusted certificate authority.
Documentation: Configuring SSL/TLS settings
Caching Settings
Caching improves load times and reduces server requests by storing copies of static resources, like images, JavaScript, and CSS files. Cloudflare’s caching options allow you to configure how long resources are cached and how aggressively caching is applied.
- Enable Caching: Go to the Caching section in Cloudflare, where you can set the Time to Live (TTL) for specific resources.
- Purge Cache: If you make updates to your site, you may need to purge cached files to ensure users receive the latest content.
Documentation: Cloudflare Caching overview
Web Application Firewall (WAF) Custom Rules
Cloudflare’s Web Application Firewall (WAF) custom rules allow you to secure your domain by filtering out malicious traffic. Custom WAF rules offer flexible, highly configurable protection for specific security needs, and they replace the previous Firewall rules functionality.
- Creating WAF Custom Rules: In the Security section of your Cloudflare dashboard, go to WAF and select Custom Rules.
- Configure Rules Based on Traffic Patterns: Set rules to block or allow specific IP addresses, user agents, or request methods to prevent unauthorized access or mitigate common security risks.
- Set Rule Actions: Choose actions like Block, Challenge, or Log based on the behavior you want for each custom rule.
Documentation: Using WAF custom rules in Cloudflare
Load Balancing and Failover
FQDNs play a vital role in load balancing and failover, ensuring that requests are distributed across multiple servers or rerouted in case of server failure.
- Load Balancing: Configures traffic distribution across multiple servers, helping reduce load on any single server and improve site responsiveness.
- Failover: If one server becomes unavailable, requests are redirected to a secondary server. This improves uptime and reliability.
Cloudflare’s Load Balancer improves reliability and performance by distributing traffic across multiple servers and providing automatic failover if one server becomes unavailable. This setup ensures that your FQDN remains accessible, even if one of your servers goes down.
Documentation: Cloudflare Load Balancer
Troubleshooting & Best Practices
- DNS Propagation Delays: DNS changes may take up to 24 hours to propagate across global DNS servers. Use a tool like DNS Checker to verify propagation.
- Incorrect IP Mapping: Verify that the IP address in your A record is correct.
- SSL Certificate Errors: Ensure SSL is properly configured in Cloudflare and on your server. Check that your server has an active SSL certificate if using Full or Full (Strict) SSL mode.
- Periodically Review DNS Records: Remove any outdated records to improve security.
- Implement Security Measures: Set up DNSSEC (Domain Name System Security Extensions) for added protection.
- Document Changes: Keep a log of any updates or configuration changes for troubleshooting.
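One way to carry out the periodic record review described above, covering the A, CNAME, MX and TXT types from Step 3. This is an added example, not Cloudflare tooling or code from the original page; the (name, type, content) tuple layout, the sample records, and the helper names `norm`, `in_zone` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample zone export: (name, type, content). Not real data.
ZONE = "example.com"
RECORDS = [
    ("www.example.com", "A", "93.184.216.34"),
    ("blog.example.com", "CNAME", "www.example.com"),
    ("example.com", "MX", "mail.example.com"),
    ("example.com", "TXT", "v=spf1 include:_spf.example.net +all"),
    ("old.example.com", "CNAME", "legacy.example.com"),
    ("dev.example.com", "A", "10.0.0.5"),
]

def norm(name):
    """Lower-case and drop the trailing root dot so names compare equal."""
    return name.lower().rstrip(".")

def in_zone(name, zone):
    """True when name is the zone apex or a subdomain of it."""
    return name == zone or name.endswith("." + zone)

def audit(records, zone=ZONE):
    """Return (name, type, issue) tuples for records worth a manual review."""
    types_by_name = {}
    for name, rtype, _ in records:
        types_by_name.setdefault(norm(name), set()).add(rtype)
    findings = []
    for name, rtype, content in records:
        name, target = norm(name), norm(content)
        if rtype == "A":
            # A public record should not expose an internal-only address.
            if ipaddress.ip_address(content).is_private:
                findings.append((name, rtype, "points to a private address"))
        elif rtype == "CNAME":
            # An in-zone alias whose target has no record is likely outdated.
            if in_zone(target, zone) and target not in types_by_name:
                findings.append((name, rtype, "alias target has no record"))
        elif rtype == "MX":
            # The mail host named by an MX record needs its own address record.
            if in_zone(target, zone) and not types_by_name.get(target, set()) & {"A", "AAAA"}:
                findings.append((name, rtype, "mail host has no address record"))
        elif rtype == "TXT" and content.startswith("v=spf1"):
            # "+all" (or bare "all") authorizes every sender, defeating SPF.
            if content.split()[-1] in ("+all", "all"):
                findings.append((name, rtype, "SPF authorizes any sender"))
    return findings

if __name__ == "__main__":
    for finding in audit(RECORDS):
        print(*finding, sep="\t")
```

Targets outside the zone are skipped on purpose, since confirming them requires a live DNS lookup rather than a look at the zone's own records.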