The main advantage is that you can use a wild-card SSL certificate. So what this means is for your domain name, you can create just one certificate that will work with all of the subdomains that you create. So no need anymore to create individual certificates for each subdomain. And the other advantage is, because obviously, we're not using HTTP for verification, then we don't need to have port 80 open on the router. So that's one less port, a little bit more secure.
Not at home server, I'd say really pretty much none at all. Well, the only one I can really think of, and really I don't think it's much of a disadvantage at all is you have to use your own domain name. When using HTTP verification, we can just use a subdomain of DNS. So you could use something like mysonar.duckdns.org as your subdomain and you wouldn't have to buy a domain name. But obviously for DNS verification to work, you've got to have full control over a domain name so you're gonna have to buy a domain. And to register a domain name nowadays is under ten dollars a year. So really, I think all of us should be using our own domain name when using a reverse proxy.
So for CloudFlare to be able to manage the DNS of our domain, we're going to have to change the name servers so it points to them. And there are two name servers that we need to change. So I'm going to click on the first one here and click copy. So now I'm going to switch across to the website for my domain's registrar where I can change the name servers. So I'm going to scroll down here and where it says name servers click on to change. And then custom and then paste the first one in here. Now your registrar the web UI may look a bit different but the process will be exactly the same. So you want to go back and then choose the second one and then paste that in. And then now I'm going to click on to save. So now if my name server has changed with my registrar, I'm going to go back to the CloudFlare website and click here on to continue...
Next, it will say that the site isn't yet active, basically the name servers haven't actually propagated through pointing through to CloudFlare normally, it only takes a few minutes, but it does say it can take up to 24 hours. But just try refreshing the page and when the site's active, it will say so like it does here. So now we just need to click on to the DNS button at the top and the DNS we see here will be whatever was setup with our registrar now will have being copied and put into here. Now I'm just going to add a new cname here writing CloudFlare. I'm going to add the subdomain sonar and that's going to point across to my dynamic IP tracker in this case duck DNS.
Q: What are the advantages of using DNS verification for reverse proxy setup? A: The main advantage is that you can use a wild-card SSL certificate and do not need to create individual certificates for each subdomain. Additionally, you do not need to have port 80 open on the router for verification, which enhances security. Q: What should be considered when weighing the advantages and disadvantages of DNS verification? A: One consideration is that you need to use your own domain name, as opposed to using a subdomain. This may require buying a domain, although the cost is typically low. Using DNS verification requires full control over the domain name. Q: How do you set up DNS verification for Let's Encrypt certificate through CloudFlare? A: To allow CloudFlare to manage the DNS of your domain, you need to change the name servers to point to CloudFlare. This involves changing two name servers on your domain registrar's website and ensuring they are saved. The process may vary slightly depending on the registrar's web UI. Q: How do you configure CloudFlare for Let's Encrypt certificate authentication? A: After changing the name servers, you may need to wait for them to propagate to CloudFlare, which typically takes a few minutes but can take up to 24 hours. Once the site is active on CloudFlare, you can proceed to configure the DNS settings and add a new CNAME record for your desired subdomain.
