How Cloudflare Made My Server Migrations a Breeze (Updated with SSL Notes)Adam C. |
Switching servers used to be one of my least favorite jobs.
Every time I moved my website to a new machine, I had to:
Reinstall or migrate Let’s Encrypt SSL certificates
Update DNS records in GoDaddy and wait for propagation
Hope I didn’t break something in the process
It was a headache.
But now? I use Cloudflare, and server changes are painless.
The Old Way: Painful & Risky
If you’ve ever done a server migration the “normal” way, you know the drill:
Update your DNS A record at GoDaddy to point to the new IP.
Wait for DNS propagation — which could take hours (or worse).
Reinstall Let’s Encrypt SSL or move the cert over to the new server.
Cross your fingers that nothing breaks in the middle of the change.
The New Way: Cloudflare + Floating IPs
Now, my setup looks like this:
Visitor → Cloudflare → DigitalOcean Floating IP → Active Server
My domain’s nameservers point to Cloudflare, not GoDaddy.
Cloudflare proxies all traffic, so visitors never hit my server directly.
I use a Floating IP from DigitalOcean (stable IP that can be reassigned to any server).
When I move my site to a new droplet:
I simply reassign the Floating IP in DigitalOcean.
Cloudflare keeps pointing to the same IP.
My SSL certificate is Cloudflare-managed, so I don’t have to reinstall anything.
No DNS propagation delays. No SSL headaches. No downtime.
Bonus: Cloudflare Handles SSL
When you use Cloudflare’s proxy (orange cloud), they serve the SSL certificate.
They might use Google Trust Services, Let’s Encrypt, or DigiCert — you don’t have to care.
Browsers see Cloudflare’s certificate, and Cloudflare talks securely to your origin.
Set SSL mode to Full (Strict) and install a free Cloudflare Origin Certificate on your server for end-to-end encryption.
The Only Confusing Part: DNSSEC
DNSSEC = DNS Security Extensions.
It’s an extra layer of security at the DNS level, but here’s the catch:
If your registrar (GoDaddy, in my case) has DNSSEC turned on, Cloudflare can’t take over your nameservers until you turn it off.
At GoDaddy:
DNSSEC is off by default (so you’re fine unless you manually enabled it).
If you turn it on/off too many times, GoDaddy says you get a limited number of “credits” — I think they allow 5 free changes.
TL;DR: Why I Love This Setup
✅ No DNS propagation delays
✅ No SSL reinstall every time I move servers
✅ Easy failover with Floating IPs
✅ Better security (real server IP hidden)
✅ Free SSL with automatic renewal
If you manage multiple servers or like to experiment without risking downtime, Cloudflare + Floating IPs is the way to go.
Updates (8/11/2025)
Got it — here’s the updated blog post with your Cloudflare praise, but now including the origin SSL considerations and the two fix options we just discussed.
How Cloudflare Made My Server Migrations a Breeze (Updated with SSL Notes)
Adam C. | Aug 10, 2025
Switching servers used to mean painful DNS changes, SSL reinstallations, and long propagation delays. But moving to Cloudflare has made the process nearly effortless. By pointing your domain to Cloudflare’s nameservers and enabling proxy mode, all traffic routes through Cloudflare before reaching your server—whether it’s a fixed IP or a DigitalOcean Floating IP—so you can swap servers without touching DNS at your registrar.
The Hidden SSL Gotcha
Cloudflare handles the public SSL certificate your visitors see, but it still needs to connect securely to your origin server. If you leave your origin with no valid SSL, Cloudflare’s “Full (Strict)” mode will fail, resulting in downtime. There are two good ways to fix this:
Cloudflare Origin Certificates
Free, can last up to 15 years.
Trusted by Cloudflare, not browsers.
Perfect if your site is always proxied through Cloudflare.
Let’s Encrypt Wildcard (DNS-01 validation)
Free, fully browser-trusted, supports *.yourdomain.com.
Works even if your A records still point to the old server (since validation uses TXT records in Cloudflare).
Requires renewal every 90 days (can be automated).
With one of these in place, you can migrate servers instantly — no SSL reinstall headaches, no DNS propagation delays, and no downtime.