Solutions
Log in to Cloudflare: https://www.cloudflare.com/
Register a Cloudflare account
Add the domain name to be hosted
Enter the Namesilo domain management interface
Make sure to delete the DNS provided by the original domain provider
Wait a moment
Check if the NS records have been modified to point to Cloudflare's servers
After clicking submit, wait a few minutes and you can return to Cloudflare to check if the name servers are effective. Once effective, we can proceed with operations.
[Cloudflare]: An email will be sent to your registered account
- Set up a custom domain name
Xlog provides a free custom domain name solution. Here, I will set it up for my Xlog blog
The method is as follows: Enter the Xlog console, click Settings — Domain — Custom Domain, enter your domain name, such as igdux.com (do not enter https:// or http://), at this point, Xlog will ask you to verify domain ownership.
Enter the resolution
Do not use the original cloudflare.com server address, just add your own DNS resolution
- Set up 301 naked domain redirection
The so-called naked domain redirection means that when accessing the www.igdux.com domain, it will redirect to the non-www domain igdux.com. And 301 means setting a permanent redirect, not temporary, which is convenient for search engines to recognize and index.
Under your Cloudflare account, select the custom domain name bound to the xlog.app subdomain, for example, my custom domain name is igdux.com. Select the domain — Rules — Page Rules, set it as shown in the image:
URL: your domain/* (e.g., google.com/*)
Pick a Setting: Forward URL; Select Status Code: 301
Enter Destination URL: https://your domain
In cloud resolution DNS
After triggering, Cloudflare's official explanation is very clear. Customers pointing the domain to 1.1.1.1 will now encounter error 1034. This is because Cloudflare's system has implemented new edge validation checks to prevent configuration errors and/or potential abuse.
Please enable cookies.
Error 1034
Ray ID: 8cac8b6698368a63 • 2024-09-29 14:08:18 UTC
Edge IP Restricted
What happened?
You've requested a page on a website that is part of the Cloudflare network. The host (ladfenemies.cc) resolved to an IP address that the owner of the website does not have access to.
What can I do?
If you are a visitor of this website:
Please try again in a few minutes.
If you are the owner of this website:
Check your DNS records to ensure they are pointed to the IP address(es) you were assigned at registration.
Was this page helpful? Yes No
Thank you for your feedback!
Cloudflare Ray ID: 8cac8b6698368a63
Solutions
Official explanation: Ensure that DNS records point to an IP address you control. If a placeholder IP address is needed for "no source" settings, please use the IPv6 reserved address 100:: or the IPv4 reserved address 192.0.2.0.
In simple terms, just change the selected IP in the DNS panel to another IP, do not use the official 1.1.1.1, or the one currently in use.
Why enable DNSSEC?#
It is very
obviously safer when enabled, although I don't know where it's safer. And it's free!
It should prevent some forgery...
How to enable?
First, go to the Cloudflare dashboard, enter "Zone," find DNS in the sidebar, and navigate to DNS → Settings:
At this point, you will see a very obvious "Enable DNSSEC." Click "Enable DNSSEC." After a moment, Cloudflare will provide you with the DS records you need to add.
Next, you can add your own DS records.
The correspondence between Namesilo's fields and the fields displayed by Cloudflare is roughly as follows:
Namesilo Cloudflare
Digest Digest
Key Tag Key Tag
Digest Type Digest Type – 2
Algorithm Algorithm
A records, AAAA records, CNAME records, MX records, NS records, TXT records, SRV records, URL forwarding, etc. in DNS resolution#
A
A record: Points a domain name to an IPv4 address (e.g., 100.100.100.100), an A record needs to be added.
NS
NS record: Domain name server record. If you want to specify a certain domain server to resolve a subdomain, you need to set the NS record.
SOA
SOA record: SOA stands for Start of Authority record. NS is used to identify multiple domain name resolution servers. The SOA record is used to mark which one is the primary server among many NS records.
MX
MX record: Establishes email service, pointing to the mail server address. MX records need to be set. When establishing an email, this record is generally filled in according to the MX records provided by the email service provider.
TXT
TXT record: Can be filled in arbitrarily and can be empty. This item is generally used for some verification records, such as creating SPF (anti-spam) records. It is convenient to remember, using the domain name to replace the IP address. Domain name resolution is the process of converting a domain name to an IP address, and the resolution work is done by DNS servers. The DNS server will resolve the domain name to an IP address, and then bind a subdirectory to the domain name on the host at that IP address. During domain name resolution, resolution records are added, including: A records, AAAA records, CNAME records, MX records, NS records, TXT records, SRV records, URL forwarding.
- Various resolution records added in DNS domain resolution
A record: Points a domain name to an IPv4 address (e.g., 100.100.100.100), an A record needs to be added.
CNAME record: If you want to point a domain name to another domain name to achieve the same access effect as the pointed domain name, you need to add a CNAME record. This domain name is generally provided by the hosting service provider.
MX record: Establishes email service, pointing to the mail server address. MX records need to be set. When establishing an email, this record is generally filled in according to the MX records provided by the email service provider.
NS record: Domain name server record. If you want to specify a certain domain server to resolve a subdomain, you need to set the NS record.
TXT record: Can be filled in arbitrarily and can be empty. This item is generally used for some verification records, such as creating SPF (anti-spam) records.
AAAA record: Points a hostname (or domain name) to an IPv6 address (e.g., ff03:0:0:0:0:0:0), an AAAA record needs to be added.
SRV record: When adding service record server service records, this item will be added. SRV records indicate which computer provides which service. The format is: service name.protocol type (e.g., _example-server._tcp).
SOA record: SOA stands for Start of Authority record. NS is used to identify multiple domain name resolution servers. The SOA record is used to indicate which one is the primary server among many NS records.
PTR record: PTR record is the reverse record of the A record, also known as IP reverse lookup record or pointer record, responsible for reverse resolving an IP to a domain name.
Explicit URL forwarding record: Points a domain name to an http(s) protocol address, automatically redirecting to the target address when accessing the domain name. For example, after explicitly forwarding www.liuht.cn to www.itbilu.com, when accessing www.liuht.cn, the address displayed in the address bar will be: www.itbilu.com.
Implicit URL forwarding record: Points a domain name to an http(s) protocol address, automatically redirecting to the target address when accessing the domain name. Implicit forwarding will hide the real target address. For example, after explicitly forwarding www.liuht.cn to www.itbilu.com, when accessing www.liuht.cn, the address displayed in the address bar will still be: www.liuht.cn.
- Some issues in DNS resolution
2.1 A records vs CNAME records
An A record points a domain name to an IP address, while a CNAME record points a domain name to another domain name, which ultimately points to an A record. In terms of functionality, there is no difference between A records and CNAME records.
CNAME records are more convenient than A records when changing IP addresses. CNAME records allow multiple names to be mapped to the same computer. When multiple domain names need to point to the same server IP, one domain name can be set as an A record pointing to the server IP, and the other domain names can be set as aliases (i.e., CNAME) to the A record domain name. When the server IP address changes, you only need to change the A record of that domain name to the new IP, and the other aliased domain names will automatically change to the new IP address without having to change each domain name.
2.2 A records vs AAAA records
Both point to an IP address, but correspond to different IP versions. A records point to IPv4 addresses, while AAAA records point to IPv6 addresses. AAAA records are an upgraded version of A records.
2.3 IPv4 vs IPv6
IPv4 is the fourth version of the Internet Protocol (IP) and the first widely used version, forming the foundational protocol of today's Internet technology. The next version of IPv4 is IPv6, which will replace the currently widely used IPv4 in the future.
IPv4 specifies an IP address length of 32 bits (according to the TCP/IP reference model), which means there are 2^32-1 addresses. The introduction of IPv6 was primarily to address the issue of IPv4 address space exhaustion due to the rapid growth of the Internet. To expand the address space, IPv6 increased the IP address length from 32 bits to 128 bits. In the design process of IPv6, not only was the address shortage problem solved once and for all, but other issues in IPv4 were also addressed, such as end-to-end IP connectivity, quality of service (QoS), security, multicast, mobility, and plug-and-play.
2.4 TTL value
TTL - Time To Live, indicates the cache time of the resolution record in the DNS server. The time length of TTL is measured in seconds, generally 3600 seconds. For example, when accessing www.itbilu.com, if the record is not in the DNS server's cache, a request will be sent to a certain NS server to obtain the record. After obtaining the record, it will be stored in the DNS server for the length of TTL. During the TTL validity period, when accessing www.itbilu.com, the DNS server will directly return the record from the cache.
Below is a brief introduction to the SOA record in DNS:
In any DNS record file (Domain Name System (DNS) Zone file), it starts with an SOA (Start of Authority) record. The SOA resource record indicates that this DNS name server is the best source of information for the data in this DNS zone. The difference between SOA records and NS records: Simply put, NS records indicate domain name server records, used to specify which DNS server resolves the domain name; SOA records set some data version, update, and expiration time information.
The SOA record is:
Primary nameserver: ns51.domaincontrol.com
Hostmaster E-mail address: dns.jomax.net
Serial #: 2010123100
Refresh: 28800
Retry: 7200
Expire: 604800 1 week
Default TTL: 86400
Primary nameserver:
The host location of the DNS record file.
Contact email (Hostmaster E-mail address):
The contact information of the record host administrator, where the first dot represents @.
Serial number (Serial):
The format is yyyymmddnn, where nn represents the number of modifications made on that day. Secondary nameservers compare this serial number to load a new copy of the zone data.
Refresh:
Tells the secondary nameservers how often to check if the zone data is up to date.
Retry:
If the secondary nameserver cannot access the primary server after the refresh interval, it will start retrying to connect after a certain period. This time is usually shorter than the refresh time, but it doesn't have to be.
Expire:
If the secondary nameserver cannot connect to the primary server within the expiration time, it will consider this zone data invalid. This means the secondary nameserver will stop responding about this zone because the zone data is too old and no longer useful. The set time should be much longer than the refresh and retry times, with a week being a reasonable unit.
Negative cache TTL (Time To Live):
This value applies to negative responses from authoritative nameservers for this zone.
The data structure of an SOA record from a Microsoft DNS server is as follows:
@ IN SOA nameserver.place.dom. postmaster.place.dom. (
1 ; serial number
3600 ; refresh [1h]
600 ; retry [10m]
86400 ; expire [1d]
3600 )
References
http://itbilu.com/other/relate/EyxzdVl3.html#summary