How we moved our infrastructure with Cloudflare at the helm

You can catch the first part of this series here.

We looked at the why, let’s take a look at the how.

First things first, BACKUP!!!

Luckily most of the projects that we worked on, were either owned by the client and resided in their infrastructure or were deployed to Firebase hosting and the like. So that only left us with

1. Emails
2. Our website

With Cpanel being a PHP-based backend, that implied that our website would need to be designed with a similar technology and we used Codeigniter for that purpose.

This was simple enough to migrate, we picked NextJs as the framework of choice, having used it in quite a few projects, we found it very versatile and liked the output that was generated by it. Being a server-side rendered framework, it worked great for SEO as well along with a ton of other features like lazy loading of images and optimizations.

The next step emails. Having used Google and all of its products, we knew that G Suite was the next step and that’s where we went. I cannot begin to describe how easy the process was for migrating an existing email. Following the steps described in the Google docs mentioned here, it was as simple as punching in the username and password along with the hostname of the Cpanel webmail account and Google was able to pull the emails, from all existing accounts and pre-fill them into the equivalent G suite accounts that were created. I expected the email backup to be at least a week-long, it took barely a few minutes using the G suite tool and a few hours to pull around 10k emails from the past 5 years. Flawless!

You’re telling me that the migration process a complete success? No roadblocks whatsoever? That can’t be true!!

Well, yeah, you’re right, what I skipped over was migrating our existing nameservers to Cloudflare, from Cpanel. We knew we wanted to shift out of Godaddy, which is where our domain existed, and Cpanel hosting, where all our DNS records were maintained. The main reason here was to not be associated with any mass provider that had a lower tier pricing which could potentially and invariably lead to a lot of bad reputation for the IP ranges maintained by them and then virtually inheriting the same reputation for your website.

In the past, we used Namecheap and found the overall experience good. To add to that, DNS propagation was quite quick and they also threw in DNSSEC ( more on this later ) for free along with domain privacy. For DNS, we wanted to give Cloudflare a try, not that we were expecting a huge DDOS attack anytime soon but it was nice to have that option along with the wealth of different features that Cloudflare has to offer.

I’m still not seeing the problem here.

Okay so at this point, there were 2 options

1. Do we transfer the domain from GoDaddy to Namecheap and then make the nameserver change so Cloudflare can handle the DNS?
2. Or, do we change the nameservers to that of Cloudflare while the domain is on Godaddy, have them propagated, and then transfer the domain?

I believe either scenario would give the same output but we went ahead with option 2. So we created a zone in Cloudflare, the good thing here is that Cloudflare lets you setup all DNS records without having to verify that you own the domain ( of course it won’t work until you can verify the domain by replacing your nameservers with that of Cloudflare ). Sadly, Cpanel did not provide any functionality to quickly export DNS records which means this was a manual effort of creating nearly 60 entries. Not fun but hey, someone gotta do it right! With that out of the way, the next step was to simply update the nameservers in Godaddy so they can point to Cloudflare and we did just that. It took nearly 3 days for the propagation, filled with anxiety and crossed fingers.

A good site to use when checking for DNS changes and propagations is https://www.whatsmydns.net/

With the DNS done, the next step was transferring the domain. Nope, this wasn’t entirely smooth either.

Godaddy has a bunch of steps mentioned here which involve getting an authorization code that you can punch in on the recipient registrar which in this case would be Namecheap. Sure enough, we got the code and supplied it to Namecheap and eagerly awaited the next step.

A few minutes later, we received an email indicating that the transfer was canceled due to an incorrect authorization code. Okay fair game, maybe it was a human error so we tried it again and got the same result, one more time, and still the same. Okay, this can’t be right so we got in touch with GoDaddy support and described the series of events to them to which the reply was, can you try it again now 😒. At the same time, we were sifting through a bunch of StackOverflow questions and articles online where people faced a similar situation and the solution here was to ask the registrar to refresh the authorization token. After a lot of convincing, they did oblige and we had a shiny new authorization code, guess what, That worked perfectly!

We soon received an email from Namecheap indicating that the transfer was in progress and should be done within 24–72 hours. Luckily, it did not take that long and within a few hours, we had control of our domain in Namecheap, the best part was that the nameserver was automatically copied over so we had no downtime due to a change in the registrar.

We’re not entirely done though, there’s still a bunch of DNS that needs configuring so stay tuned!