Client wants to keep domain on another service (for email, mostly), but use Netlify to host website

Hello everyone!

I’ve just completed a project for a client and I’ve convinced them to use Netlify to host their site; however, they want to keep the domain hosted with another service (the IT department doesn’t want to redo their email settings).

The main site on Netlify is at (the new site) and the domain is going to be at When I use whois | grep -i "name server" it returns Cloudflare nameservers (although their IT guy insists they’re not on Cloudflare ::man_shrugging: ).

They’re requesting the “host server IP address” to set an A record in the DNS - would this work? If so, what IP address do I use? Are there more than one A record that should be set? Is there anything I should know about using this method - i.e. delayed deployment, site setting constraints, etc.

Bonus question: I normally set up their Sanity CMS as a subdomain “” - I currently have it launched on Netlify at What extra steps do I need to launch this subdomain using this method? (Using Netlify for it all is so much easier! ::rofl: )

This will help,


  • A CNAME record for pointing to
  • An ALIAS, flattened CNAME, or ANAME record for pointing to Cloudflare should support this out of the box.
    • If they are having issues with ALIAS record, they can set an A record for to But if this is the case, I would recommend setting the main site to instead of

Also, for your CMS:

  • A CNAME record for pointing to

Just a note, it will be best if all of these are not proxied through Cloudflare, meaning that the cloud icon is not orange. See: [Support Guide] What problems could occur when using Cloudflare in front of Netlify?

Also, if you happen to be on a High-Performance Edge enterprise plan, you will have a custom subdomain to point to.

Assuming that both the old site remain active and the Netlify site is already configured for custom domains, there shouldn’t be any downtime. But as always, DNS propagation may cause website downtime until everything is fully propagated.

Thank you @hartanto! This is exactly what I was looking for - I appreciate it very much. You mention the “current site is already configured for custom domains” - is this any more than setting up custom domain for with the default DNS settings?

As long as the DNS records are set correctly, and the domain is registered at the site’s Domain management settings, all should be good.

Thanks very much for your help on this @hartanto. I have a follow up: we’ve launched and the pages are up; however, the forms are not submitting now throwing the minified React error codes 418 & 423. I’ve been researching these error codes and have fixed a couple of basic issues (<div> inside a <p>, check SSR setup through Gatsby, etc.) without fixing. The errors say there is a difference between the client-side and server-side rendering that causes the issue:

Blockquote There was an error while hydrating. Because the error happened outside of a Suspense boundary, the entire root will switch to client rendering.

Blockquote Hydration failed because the initial UI does not match what was rendered on the server.

The client won’t allow me access to their Cloudflare, so I can’t see what they’ve done but I gave them your exact specifications for DNS changes and their IT guy says he’s followed them. Is this an issue with the Cloudflare pointing to Netlify or something entirely unrelated and how can I verify this?

Thank you again for the help.

Hi Eric,

Unfortunately, I’m not that familiar with React and Next to be able to tell you for sure. However, I did found this:

Regarding Cloudflare, it seems that the client proxied the site through Cloudflare. Those have some possible drawbacks, but that really shouldn’t affect things…

1 Like

Thank you for those possible solutions. I will check into them.

I explicitly advised them of these drawbacks. I wasn’t aware they had chosen to ignore me on that - thank you for letting me know. I checked the DNS settings, dig and whois in Terminal and don’t see where it specifies the proxy. How did you find that?

1 Like

The IP address that the website is pointing to is Cloudflare’s:

1 Like

Gotcha. Yes, I see there are 4 A name records on the DNS still for the hostname at and with these two IP’s and the IPv6 is also set in a similar fashion. I did advise them to remove these - just to make sure I advise correctly though - these 8 records need to be removed in order to ensure the “DNS Only” option works correctly and will not affect the operation of the email:

| | A | 300 || |
| | A | 300 || |
| | AAAA | 300 || 2606:4700:3037::6815:580b |
| | AAAA |300 || 2606:4700:3033::ac43:abec |
| | A | 300 || |
| | A | 300 || |
| | AAAA | 300 || 2606:4700:3033::ac43:abec |
| | AAAA | 300 || 2606:4700:3037::6815:580b |

Is this right?

In their Cloudflare settings, they will see the correct records.

Possibly any of these 2 depending on how they set things up: | A | | CNAME |

or | CNAME | | CNAME |

It’s just that the “cloud” icon on Cloudflare will be orange. They will need to turn it to DNS only to disable Cloudflare proxying.


The way Cloudflare works is that the user will input a correct DNS record to their Cloudflare portal, and if it’s proxied, they will make it so that the DNS requests are proxied through Cloudflare server to the server specified in the Cloudflare portal.

So for you and me, we see the IP address as Cloudflare’s. It’s just that Cloudflare will forward requests to Netlify. That’s how they can provide service such as DDoS protection and caching.

1 Like

Ok, I understand now. Thank you for your help!

The IT guy from my client business has come back with an alternative based on this article.

Essentially, he presents a problem he had from a DoS/DDoS attack that crashed his site and he was able to fix it by implementing the proxy again after configuring Cloudflare to turn off the “Always use HTTPS” for the Netlify proxy.

I’m running this by you all to see if I’ve missed anything. It seems a viable option to allow them to use Cloudflare security configurations. What do you think?

Sure, you’re free to use it. But as mentioned in the above article (this one), it gets difficult for us to troubleshoot if you run into weird errors. If you don’t, consider yourself lucky.