Frequently Asked Questions about Cloudflare

Q: How long does it take for my domain to move to Cloudflare?

A1. Two minutes to several hours, depending on how long your DNS records take to update.

The moment you register your custom domain with Bubble and Cloudflare, your domain is registered with both services. In order for it to work correctly, Cloudflare needs to validate that your DNS entries point to their servers.

When you update your DNS records (adding, removing, or renaming a record), the length of time they stay available is determined by the record's TTL (time-to-live) value.

Let's say you change a record at your registrar, and that record has a TTL of 1 hour. After 1 hour, you can be certain that that server is reporting your new record to the internet. However, there are many name servers on the internet, and all of them will need to have your most up-to-date record. On average, you can expect your records to be broadcast across the internet within twice the length of your TTL. So if your TTL is 1 hour, expect your record to be everywhere after 2 hours.

Once your record has been updated everywhere, Cloudflare will be able to verify that you own the domain, and your app will become active.

A2. If you have just updated your name servers, up to one full day.

Name server (NS) records are different from CNAMEs and A records in that they can take quite a bit longer to update. Typical TTL (time-to-live) values for NS records are on the order of 12-24 hours. If your NS records haven't fully updated across the internet yet, a user who types your custom domain into their browser could hit either your new name server, or your old name server, unpredictably.

To avoid this, copy your existing DNS records (A, CNAME, TXT) over to your new name server and don't change them for at least 24 hours after changing name servers.

Q. I am a Legacy Customer; what should I do to temporarily disable Cloudflare?

A. Change your DNS records back to the A record you were previously using.

If you're having problems that you think might be caused by Cloudflare, you can temporarily disable Cloudflare by changing your DNS records from CNAME to the A record you were previously assigned.

When you've identified what the problem was and are ready to turn Cloudflare back on, delete the A record and replace it with the CNAME/ALIAS Bubble provided you.

Q. Why are my users are getting "This Connection is Not Secure" errors?

A1. Cloudflare has not validated your domain yet.

If you click on "Advanced" and then look at the certificate details, and the certificate is of the form, your DNS entry is pointing to the correct place, but Cloudflare has not validated your domain yet. Please wait an hour and check again.

A2. You are using URL Redirection (or Forwarding) and your users are trying to load an invalid domain name.

There are four combinations of urls your users could use to reach your domain: https + www, http + www, https + bare, and http + bare. If you have configured URL Redirection (for instance, from to, your users will get redirected to your app when they type in or

However, if your users type, or if they have that url in their browser's history, they may get a generic certificate from your DNS provider that does not match your custom domain. Since the names don't match, your users may think your site is broken.

Q. Why can't I enter as my domain record?

A1. You are trying to set an A record.

A records are always of the form www A 123.456.78.90. A records must direct to an IP address, which is four numbers separated by periods.

Bubble custom domains route to another domain name. Most commonly, this record is In order to configure your domain records for Bubble, you must use a CNAME record, or an ALIAS. ALIAS records are not supported by every registrar, so you may have to change your name servers.

A2. You already have a conflicting record with the same name.

You can only have one domain record (of certain types) for each named resource. For instance, if you have an A record for www, you will either need to edit it and change it to a CNAME, or delete it and create a CNAME in its place.

Q. Which name servers (or registrars) support ALIAS or ANAME records?

A. Here is a partial list:

(All three record types behave mostly identically, although bare domain CNAMEs will prevent you from creating other record types, such as MX records.)



Bare domain CNAME:

  • CloudFlare—has a free tier plan. When configuring this you MUST use the DNS only setting ("grey cloud") or you will get 1014 errors.

Q. How do I know my site is working on Cloudflare?

A. There are several tools.

The first, to check to see if your domain records have propagated, is the Google DNS lookup tool.

When you've changed your domain records, you can go to the CNAME tab to check to see if your CNAME has propagated.

Then, you can go to the A record tab to check to see if your alias records have propagated. Hit return multiple times to see what records come back; if you see the same records come back consistently, then your records have propagated. 299 IN A 299 IN A

Cloudflare serves a page on a certain route on every site hosted on their domain at /cdn-cgi/trace. You can see bubble's page at; replace '' with your own custom domain (once it loads) to see if it's working.

The output should look somewhat like this:

uag=Mozilla/5.0 [...]

Q. I've followed all the instructions here, and I still get "This Connection is Not Secure." What gives?

A. It's possible that we cannot issue SSL certificates on your domain. You will have to remove your CAA record and try again.

Go to the Google DNS lookup tool's CAA tab and check to see if your bare domain (e.g. has a CAA record. A CAA record restricts which certificate providers can issue certificates for your domain. (Only about 1% of Bubble apps have a CAA record.)

For instance, when you look up with this tool, you can see the following record:

id 61662
opcode QUERY
flags QR RD RA
;ANSWER 21599 IN CAA 0 issue ""

This means that only is allowed to issue certificates for sites across the domain.

SSL Certificate issuance is a critical part of making your site work on Bubble and Cloudflare, so if you find a CAA record, delete it. Your site should begin working in a matter of minutes.

Q. I just turned Cloudflare on, and now I'm getting 525 errors on my site! What's happening?

A. Wait an hour and check again.

If you are a Legacy Customer who wasn't using SSL prior to switching over to Cloudflare, some of Bubble's servers won't have your updated certificate available to them. A 525 error happens when the Origin Server (where your app is hosted on Bubble) serves nonsecure content (http) to a server that is expecting secure content (https). We refresh your SSL and certificate settings on all servers once per hour, so if you've recently changed your settings wait and try again.

Q. I am having another issue post Cloudflare transition that's not answered here. What should I do?

A. That depends.

You can search the forum to see if anyone else has had the same issue as you.

If you can't find an answer here or there, submit a bug report.

results matching ""

    No results matching ""