Connect Squarespace primary domain to Cloudflare

My primary domain beyondspace.studio is managed on Namecheap and connected to Squarespace using their Nameserver Connect feature, making Squarespace my DNS manager. To integrate Cloudflare, I need to update the domain's nameservers in the Namecheap dashboard with the ones provided by Cloudflare.

This article assume you are familiar with Cloudflare dashboard and detail steps of connecting domain to Cloudflare

Steps to Connect to Cloudflare

• Add Your Domain to Cloudflare

  • Log in to Cloudflare and add your domain to get two nameservers.

• Update Nameservers in Namecheap

  • In the Namecheap dashboard, replace the current Squarespace nameservers with the new Cloudflare nameservers.

  • If your domain registrar is different from Namecheap, use the dedicated document from your provider

• Waiting for Connection

  • It might take some time for Cloudflare to confirm the successful connection. During this period, avoid making any changes to prevent interruptions.

Minimal Downtime

Since my primary domain has been attached to Squarespace for a while, the migration was smooth. For new domains, ensure minimal downtime by preparing ahead.

Handling Redirects

During DNS propagation, your primary domain might be temporarily inaccessible. If this happens, set up a redirect to your built-in Squarespace domain. Follow this Cloudflare URL Forwarding Tutorial, for example

• Primary Domain: https://beyondspace.studio

• Built-in Domain: https://beyondspace-showcase.squarespace.com

Initial DNS-Only Setting

Initially, set your domain to DNS-only to prevent Cloudflare from proxying your traffic before you have an active edge certificate. Once your domain connection is active, update the status to Proxied (Orange cloud).

1. Log in to the Cloudflare dashboard and select your account and domain.

2. Go to DNS.

3. Edit all Squarespace DNS records and switch Proxy status to DNS-only

For more best practices, check Minimize Downtime Guide from Cloudflare

Common Errors and Fixes

Too Many Redirects Error

If you can not access the website and the browser yells this error, it is likely your SSL security set up is set to Flexible. To change your encryption mode in the dashboard:

1. Log in to the Cloudflare dashboard and select your account and domain.

2. Go to SSL/TLS.

3. Choose an encryption mode (Full)

DNS Error: "This hostname is not covered by a certificate on proxied DNS records."

Ignore this until the connection is complete or change the record to DNS-only, see more in the docs Cloudflare Error Messages

Visitor IP Address Issue

When your domain is connected and DNS records are set to Proxied, your traffic routes through the Cloudflare network. This might cause your analytics to record Cloudflare IPs instead of actual visitor IPs. If you are on Enterprise plan, enable True-Client-IP Header can resolve this issue, or follow Cloudflare’s workaround, but it requires server access, which is not possible with Squarespace, so I will just leave it as it, not a deal breaker to me

Benefits of Cloudflare

Even with Cloudflare's Free plan, your website will be protected from malicious attacks and DDoS attacks. Cloudflare’s security features help safeguard your site from potential threats.

By connecting your primary Squarespace domain to Cloudflare, you can use features like Cloudflare Worker HTMLRewriter to modify Squarespace content before delivering it to visitors, providing a serverless backend for your website.

Leveraging HTMLRewriter can help me resolve the limitation of ImageLoader interceptor scripts to server next-gen image formats for Squarespace using Cloudinary CDN, ImageKit.io and Cloudimage.

IP Access rules: Use IP Access rules to allow, block, or challenge traffic based on the visitor’s IP address, country, or Autonomous System Number (ASN).

Real-world usage

Many Squarespace website owners are using Cloudflare to enhance their site's speed and security. According to data from NerdyData, out of 132,720 indexed Squarespace websites, 17,340 use Cloudflare. This shows a significant adoption rate, demonstrating the benefits Cloudflare brings to Squarespace users.

Examples of Squarespace websites using Cloudflare

These examples highlight the use of Cloudflare in various configurations, from DNS-only to proxied setups. This flexibility allows website owners to choose the level of Cloudflare integration that best suits their needs.

Frequently asked questions

Question: What is Nameserver Connect and DNS Connect?

Nameserver Connect and DNS Connect are two methods for connecting your domain to Squarespace. Nameserver Connect involves pointing your domain's nameservers to Squarespace, making Squarespace your DNS manager. DNS Connect, on the other hand, requires you to add specific DNS records to your domain's existing DNS settings. For more details, visit the Squarespace support article.

Question: What is the difference between Proxied and DNS-only (gray-cloud vs orange-cloud) modes in Cloudflare?

• DNS-only (gray-cloud): Cloudflare will route all traffic directly to your Squarespace server without any intermediary processing.

• Proxied (orange-cloud): All requests intended for proxied hostnames will go to Cloudflare first, then be forwarded to your origin server (Squarespace). This allows you to benefit from Cloudflare features such as Worker Routes, IP/Country blocks, Cloudflare Images, and more. For more information, visit the Cloudflare documentation.

Question: How long does it take for Cloudflare to connect my domain?

It typically takes 24-48 hours for DNS propagation and for Cloudflare to send a confirmation email about the successful connection.