Custom domains are a powerful and flexible tool, but they require several distinct pieces to be correctly configured to function as desired. This section includes topics that may help you avoid known issues while navigating your custom domain setup.

Using A Flattened CNAME

Some DNS providers, such as Cloudflare, automatically "flatten" CNAMEs defined on the root of a domain to return an IP address rather than a hostname when the CNAME is resolved. The DNS provider internally performs the additional queries needed to determine the actual IP and returns the result, just as if the CNAME was an A record. Flattening a CNAME technically breaks the DNS specification, but can be helpful for modern web development, allowing you to use the root of your domain as the address for a service.

You can use a flattened CNAME for your site's custom domain. The DNS record must be configured to refresh rapidly (ideally every 60 seconds). For a provider like Cloudflare, who will automatically set the TTL for a proxied CNAME to 300 seconds, you must also disable proxying by your DNS provider in order for Files.com to recognize the custom domain.

Pitfalls Associated With Using CNAMEs That Aren't Registered in Files.com

Some customers have discovered that it is possible to configure a CNAME record from a domain they control to their .files.com subdomain without configuring it in Files.com as a custom domain. We strongly recommend against this practice because this will not result in a valid SSL certificate for the custom domain, and it will not provision any dedicated IP addresses.

Regardless, some customers do it anyway because SFTP doesn't use SSL certificates at all. Please be aware that this method of pointing a domain is unsupported.

CAA Records

A CAA Record is a security feature of the DNS system that allows domain name owners to restrict which issuers are allowed to issue SSL Certificates for a given domain.

If your Custom Domain has a CAA record set in your DNS, you will need to either update your CAA record to allow our Certificate Authority to issue certificates or provide your own certificate.

We issue certificates through a popular Certificate Authority called Let's Encrypt.

If you have a CAA DNS record for your custom domain, you'll need to create another CAA record with the value letsencrypt.org, enabling us to issue the certificate.

If you need any help with this process, just let us know the service you're using to manage your DNS records (e.g. GoDaddy, Namecheap, etc.), and we'd be happy to assist.