Troubleshoot issues with domains connected to Shopify

A custom domain is your customer's first entry point to your online business. Ensuring that you have your custom domain accessible to your customers is an important part of launching and maintaining your store. Whether you have a Shopify-managed domain or a third-party domain, you can review your domain to verify the following information:

  • The DNS records match the following records without any typos:
    • A record: 23.227.38.65
    • AAAA record: 2620:0127:f00f:5:: or 2620:0127:f00f:0005:0000:0000:0000:0000, for domains that require the expanded IPv6 address
    • the www CNAME record shops.myshopify.com.and include the period
  • There is only one A record and only one AAAA record.
  • There is only one www CNAME pointing to Shopify and any additional CNAME records have unique names, such as shop.
  • There is no DNSSEC active on the domain.
  • There is no wildcard record pointing at Shopify.
  • There is no Cloudflare Proxy present.
  • Your third-party domain provider permits Let's Encrypt and GlobalSign to provision SSL certificates. Shopify-managed domains all permit Let's Encrypt and GlobalSign.
  • Your domain is active and not expired.

If you receive a Needs Attention badge notification on your domain in the Shopify Admin, then there are issues that you need to address. Review the following notifications for the solutions.

A record isn't pointing to Shopify

Notification: Your domain's A record doesn’t point to Shopify. Open your domain provider's DNS settings for example.com and assign 23.227.38.65 to its A record.

The A record is responsible for pointing your domain to Shopify. If it's not configured correctly, then you'll experience connectivity issues. Visit your domain provider and update your A record to point to the IP address recommended by the banner on the settings page for your domain.

Multiple A records

Notification: Your domain has too many A records. Having multiple A records may cause connection issues. To follow best practices, open your domain provider's DNS settings for example.com and assign 23.227.38.65 to its A record.

When multiple A records are provided, one is selected at random by the browser each time your domain is visited. If you have multiple A records, then some visitors might arrive at your shop and others might be routed elsewhere.

CNAME record isn't pointing to Shopify

Notification: Your domain's CNAME record doesn't point to Shopify. Open your domain provider's DNS settings for example.com and assign shops.myshopify.com. to its CNAME record.

The CNAME record is responsible for handling any subdomains that need to point to Shopify for correct routing.

CNAME record is missing

Notification: Your domain has no CNAME record. Open your domain provider's DNS settings for example.com and assign shops.myshopify.com. to its CNAME record.

The CNAME record ensures that any subdomains of your domain map correctly to your Shopify store. Make sure to add a CNAME record in your DNS settings.

Cloudflare Proxy present

Notification: Your domain is using a Cloudflare Proxy, which Shopify does not support. If you're unsure about this, please contact Shopify Support for assistance.

Cloudflare proxies and other similar settings can interfere with Shopify's network and affect your store's connectivity. If you're experiencing connection issues and aren't familiar with Cloudflare or proxies, it's possible these were set up by your DNS provider by default. If this is the case, contact Shopify Support.

If your Cloudflare DNS has "DNS only" appearing in the settings, the error may resolve itself in 24 hours. If you still experience the issue after 24 hours, please contact Shopify Support.

Image of cloudflare DNS dashboard showing DNS only

Does not permit Shopify's Certificate Authorities

Notification: Your domain doesn't permit Let's Encrypt and GlobalSign to provision SSL certificates. Open your domain provider's DNS settings for example.com and add a CAA record for letsencrypt.org and globalsign.com.

Your CAA settings must grant access to the certificate authorities that Shopify uses to issue SSL certificates.Add CAA records for Let's Encrypt (letsencrypt.org) and Global Sign (globalsign.com) in your existing CAA record list to allow Shopify to provision a free SSL certificate for your domain.

CAA record containing ";" character

Notification: Your domain's CAA record blocks SSL certificate provisioning. Open your domain provider's DNS settings for example.com and check that there's one CAA record each for letsencrypt.org and globalsign.com. Make sure your CAA records don't contain semicolons (";"). Alternatively, delete your CAA records.

A semicolon in your CAA record signifies that no certificate authority is allowed to provision SSL certificates for this domain. Either remove this CAA record or alter it to allow Let's Encrypt (letsencrypt.org) and GlobalSign (globalsign.com).

AAAA Record isn't pointing to Shopify

Notification: Your domain's AAAA record doesn't point to Shopify. Open your domain provider's DNS settings for example.com and assign 2620:0127:f00f:5:: to its AAAA record.

The AAAA record is responsible for pointing your domain to Shopify on the IPv6 network. If the AAAA record is not configured correctly, then some users will experience connectivity issues. Visit your domain provider and update your AAAA record to point to the IP address recommended by the banner on the settings page for your domain.

Multiple AAAA Records

Notification: Your domain has too many AAAA records. Having multiple AAAA records might cause connection issues. To follow current best practices, open your domain provider's DNS settings for example.com and assign 2620:0127:f00f:5:: to its AAAA record.

When multiple AAAA records are provided, one is selected at random by the browser each time your domain is visited. If you have multiple AAAA records, then some visitors might arrive at your shop and others might be routed elsewhere.

DNSSEC is active on a Shopify-managed domain

Notification: Your domain has an unsupported DNSSEC record. Shopify doesn't support DNSSEC at this time. Contact support to have it removed.

If your domain is transferred in to Shopify from another provider with DNSSEC already activated, then this configuration transfers over with your domain. DNSSEC is currently unsupported by Shopify and prevents your domain from resolving. If you get this error, then you need to contact Shopify Support so that they can assist in removing unsupported DNSSEC records.

Shopify-managed domain returns unexpected nameserver values

Notification: Your domain nameservers returned an unexpected value. Nameserver issues can make your site unreachable by customers. Contact support for more information.

Your domain is returning nameservers values that are different from what is configured in your Shopify Admin. This can occur when a domain has a hold on it and requires attention. Contact Shopify Support for help.

Failure fetching DNS information

Notification: Error fetching domain {record_type} record. Open your domain provider's DNS settings for example.com and check that the record is set correctly.

This notification is the result of either no record being set up, a misconfiguration blocking DNS resolution, or a temporary DNS connection issue. Remember that DNS updates can take up to 48 hours to update, so if you have validated your DNS settings at your domain provider already and there are no issues, then this might be resolved when your domain has finished propagating.

Domain is using a wildcard record pointing to Shopify

Notification: Your domain has a wildcard record pointing to Shopify. Having a wildcard record (*.example.com) pointed to Shopify can interfere with your site and isn't supported. Open your domain provider's DNS settings for example.com and remove the wildcard record.

A wildcard record pointed to Shopify isn't recommended and can cause unexpected behavior. Set your records for all specific subdomains instead of using wildcard records.

Can’t find the answers you’re looking for? We’re here to help.