Custom Domain


Every Files.com site gets a custom subdomain that looks like <your-subdomain>.files.com.

This ensures that your custom branding (including logo and colors) is visible for the entire Files.com experience, including logging in and accessing public pages like inboxes and share links.

You can take your site customization a step further --- removing all traces of Files.com branding --- by setting up a completely custom domain. Something like files.your-company.com.

Other reasons to set up a custom domain include:

  • some corporate firewalls block "File Sharing" sites, which sometimes include Files.com. Using a custom domain will usually work around these restrictions.
  • some customers report better access in China when using a custom domain for a similar reason.
  • using a custom domain also provisions you dedicated IP addresses, which some customers require.
  • using a custom domain is required in order to enable insecure ciphers for SFTP only.

Choosing Your Custom Domain

Files.com makes the process of setting up a custom domain easy. You will need both administrator access to your Files.com site, as well as access to your account with the DNS provider for your domain (e.g. GoDaddy, NameCheap, Route 53, etc.)

Your files.com subdomain will continue to work after adding a custom domain.

You can use any subdomain of any domain that you control. We recommend not using ftp as the first part of your domain (such as ftp.<your-domain>), since this will cause some browsers to improperly access the Files.com web interface.

Instead, we suggest using something like files.<your-domain>.

Adding The CNAME Record

Once you have chosen your custom domain, the next step is to set up a CNAME DNS record with your DNS provider, pointing your chosen custom domain to the appropriate Files.com subdomain.

The CNAME value will depend on whether you want your custom domain to use an SSL certificate provided by Files.com(recommended), or use your own SSL certificate.

Using an SSL certificate provided by Files.com

Files.com provides SSL certificates for custom domains free-of-charge. Renewals are handled automatically, and no further action is required on your part to keep the certificate active once set up.

To set up your custom domain to use an SSL certificate provided by Files.com, simply create your CNAME record pointing your custom domain to your Files.com subdomain (e.g. your-subdomain.files.com).

Once you have created the CNAME record, you can complete the setup of your custom domain by adding your custom domain in Files.com.

Certificate provisioning in Files.com is very fast. We are generally able to provision and activate a certificate in 10-15 minutes after the DNS change has propagated and the domain has been added to Files.com according to our instructions.

Using your own SSL certificate

If you prefer to use your own SSL certificate rather than one provided by Files.com, you will first need to upload and activate your SSL certificate at Settings > Site identity > SSL Certificates > Manage SSL Certificates.

If you have already obtained your SSL certificate, simply click the Upload and use your own certificate button to upload it. You will need to provide the certificate's private key (and key password if the key is encrypted), the certificate itself, and the intermediate certificates from your certificate authority.

If you haven't yet obtained a certificate, you can use the Generate CSR link to generate a new secure keypair and certificate signing request (CSR) which you can provide to any accredited SSL Certificate authority when purchasing an SSL certificate.

Some SSL vendors request the web server type as part of the certificate generation process. Files.com requires a certificate in OpenSSL format, which can usually be obtained by choosing the option for ApacheLinux, or Other.

For security purposes, we strongly recommend generating a new certificate that is used only by Files.com and is scoped to the exact subdomain used by Files.com (such as files.your-domain.com).

After uploading your SSL certificate, click the Activate button to activate it. Once your SSL certificate is active, the CNAME record value to use will be displayed under DNS Configuration.

Screenshot that shows the CNAME configuration inside of the Files.com platform.

In the example screenshot above, the CNAME value for the files.example.com) custom domain is s-example.di.app.files.com.

Once you have created the CNAME record, you can complete the setup of your custom domain by adding your custom domain in Files.com.

If you set up your custom domain using your own SSL certificate, and later wish to switch to using a certificate provided by Files.com, you can easily do so by deactivating your SSL certificate at Settings > Site identity > SSL Certificates > Manage SSL Certificates, and then updating your CNAME record according to the instructions for using an SSL certificate provided by Files.com.

Switching back to an SSL certificate provided by Files.com

Before switching back from using your custom SSL certificate, be aware that:

  • Manual intervention from Files.com Support is required. You should plan on arranging to have our Support team on the phone with you during the switch. Support is available during US Pacific Time Zone working hours.
  • There will be some outage time during the switch but working with our Support team will minimize it.
  • A custom domain is required in order to enable insecure ciphers for SFTP only, which you will no longer be able to utilize.

To switch back, the steps are:

  • Reduce the TTL of your CNAME record from the default TTL value down to 60 seconds. A lower TTL will minimize the outage time.
  • Wait for the duration of the previous TTL, usually around 24 hours, before progressing to the next step.
  • Contact Files.com Support and have them live on the phone for the next steps.
  • Change the CNAME record of your domain from s-[subdomain].di.app.files.com to [subdomain].files.com. (Files.com uses different CNAME records for Files-provided certificates versus customer provided certificates.)
  • Files.com Support will validate the CNAME change and issue a new certificate.
  • Once the new certificate is in place, you can restore the TTL of your CNAME record to its previous value.

API and FTP, SFTP, and WebDAV Connections

Your SSL certificate will be used for any connections to your site that involve TLS encryption, which includes the web interface, the REST API, FTP, and WebDAV.

SFTP will not use the certificate, since that protocol uses SSH encryption instead of TLS.

Once you set up and activate your own SSL certificate, only connections initiated to your site via your custom domain will use that certificate.

Connections via your files.com subdomain will still use our Files.com certificate, since your certificate would not be valid for our domain.

Dedicated IP addresses

As part of the custom domain setup process, Files.com automatically provisions two dedicated IP addresses that are exclusive to your site and act as static IP addresses. This means that if you have users who restrict outbound access via a firewall, they will only need to whitelist your two dedicated IP addresses in order to access your site via the custom domain, rather than having to whitelist our entire published list of IP addresses.

You can view your dedicated IP addresses at Settings > Integrations > View firewall configuration information.

It is our goal to have your Dedicated IPs remain the same, and we work hard to avoid having IP Addresses change out from under you. In practice, dedicated IPs for our customers have remained the same for the past several years.

If we ever have to make changes to your IP addresses, we will endeavor to provide advance notice.

For extra capabilities, we have implemented an automated mechanic for you to be able to get real time notifications when a change occurs. You can achieve this by polling the /ip_addresses API endpoint shown in our API documentation. This endpoint returns a response including both our published list of IP addresses, and your site's two dedicated IP addresses.

Multiple Custom Domains

You can set up multiple custom domains with a single Files.com site by providing your own SAN (or "multi-domain") SSL certificate that covers all of the domains you want to use.

After uploading and activating your SAN certificate at Settings > Site identity > SSL Certificates > Manage SSL Certificates, the DNS CNAME value to use for your custom domains will be shown in the table under DNS Configuration in the VALUE / ANSWER / DESTINATION column.

While this will allow you to access your Files.com site via any of the domains covered by your SAN certificate, Inboxes, Share Links, and links sent in welcome/signup and password recovery emails for your site will only use the custom domain configured at Settings > Site identity > Custom domain.

HTTP Strict Transport Security (HSTS) on Custom Domains

HTTP Strict Transport Security (HSTS) is a policy mechanism that allows web servers to declare that web browsers should automatically interact with it using only HTTPS connections. Use of HSTS is a recommended best practice.

We enable HSTS on our *.files.com subdomains by default, and we optionally allow our customers to enable HSTS on custom domains as well. There is a setting under Settings > Identity next to the custom domain that allows you to enable HSTS on your domain.

CAA Records

A "CAA" Record is a security feature of the DNS system that allows domain name owners to restrict which issuers are allowed to issue SSL Certificates for a given domain.

If your Custom Domain has a CAA record set in your DNS, you will need to either update your CAA record to allow our Certificate Authority to issue certificates or provide your own certificate.

We issue certificates through a popular Certificate Authority called Let's Encrypt.

If you have a CAA DNS record for your custom domain, you'll need to create another CAA record with the value letsencrypt.org, enabling us to issue the certificate.

If you need any help with this process, just let us know the service you're using to manage your DNS records (e.g. GoDaddy, Namecheap, etc.), and we'd be happy to assist.

Changing an Existing Custom Domain

It is possible to change an existing custom domain to a different one with minimal downtime, however there will always be a small period (about 5 to 15 minutes) of downtime.

This downtime is due to 2 things: (1) registering your SSL certificate (if we are registering it) and (2) a time delay where some of our edge servers will serve your old domain's certificate and others will serve your new domain's certificate.

We recommend you plan the switch for a time period where your site has minimal usage, such as a night or weekend.

To minimize downtime, perform the steps in the following order:

  • If your new domain is already pointed to a location via DNS, update the Time To Live (TTL) values on the existing DNS to a low value, such as 60 seconds. This will tell DNS servers across the internet to prepare for a change in the destination of this domain. This step needs to be performed ahead of time, ideally 2-3 days ahead of time, to allow the maximum impact.
  • If you will be providing your own SSL certificate, upload your new certificate prior to changing the custom domain. (If you will be using a certificate provided by Files.com, you may skip this step. We will generate the new certificate automatically when you change the custom domain.) This step may also be performed in advance of the move.
  • When ready to switch, create DNS records for the new domain at your DNS provider. They will be the same as your existing custom domain DNS records. Then quickly change the domain setting in Files.com.
  • Wait for the changes to take effect.
  • The following day, you may update the Time To Live (TTL) values on your domain's DNS records to a higher value, such as 86400, or whatever you find appropriate.

Changing Your Subdomain if you Also Have a Custom Domain

If you have a Custom Domain installed be aware that it is tied to your site's subdomain (i.e. the [subdomain].files.com address that every customer gets) via the DNS records used to link your custom domain.

If you want to change your custom subdomain, you should expect downtime due to the DNS propagation needed to effect the change, and you will also need to make changes to your Custom Domain's DNS records contemporaneously with the change.

This downtime is caused by 3 things: (1) re-registering your SSL certificate (if we are registering it), (2) a time delay where some of our edge servers will serve your old subdomain's certificate and others will serve your new subdomain's certificate, and (3) the need to create DNS records in the Files.com DNS for your new subdomain.

We recommend you plan the switch for a time period where your site has minimal usage, such as a night or weekend.

To minimize downtime, perform the steps in the following order:

  • Update the Time To Live (TTL) values on the existing DNS records for your custom domain to a low value, such as 60 seconds. This will tell DNS servers across the internet to prepare for a change in the destination of this domain. This step needs to be performed ahead of time, ideally 2-3 days ahead of time, to allow the maximum impact.
  • When ready to switch, update your subdomain setting in Files.com. Then update the DNS records for your custom domain to use your new subdomain in the files.com CNAME part of the record.
  • Wait for the changes to take effect.
  • The following day, you may update the Time To Live (TTL) values on your domain's DNS records to a higher value, such as 86400, or whatever you find appropriate.

If you are planning on changing both your custom subdomain and domain, we recommend doing these events on separate days to reduce the risks and make rollback easier.

Renewing Your Custom SSL Certificate

When using your own SSL Certificate, the renewal of the certificate is managed by you yourself. You should plan to renew any expiring SSL Certificate prior to its expiration date and time. Please contact your SSL Certificate Provider if you have any questions about the process.

Files.com can assist in creating the Certificate Signing Request (CSR) for the renewal.

For a certificate request to an existing certificate, navigate to Settings > Site Identity > SSL Certificates > Manage SSL Certificates, select the Renew button for the required certificate, complete the form, and select the Generate CSR button.

Once your SSL Certificate Provider has provided you with your renewed SSL Certificate, navigate to Settings > Site Identity > SSL Certificates > Manage SSL Certificates, select the Import button that corresponds to the Certificate Signing Request (CSR) that you created above, complete the form by pasting in your new Certificate and its Intermediate Certificates, then select the Save button.

Pitfalls Associated With Using CNAMEs That Aren't Registered in Files.com

Some customers have discovered that it is possible to configure a CNAME record from a domain they control to their .files.com subdomain without configuring it in Files.com as a custom domain. We strongly recommend against this practice because this will not result in a valid SSL certificate for the custom domain, and it will not provision any dedicated IP addresses.

Regardless, some customers do it anyway because SFTP doesn't use SSL certificates at all. Please be aware that this method of pointing a domain is unsupported.

Using A Flattened CNAME

Some DNS providers, such as Cloudflare, automatically "flatten" CNAMEs to return an IP address rather than a hostname when the CNAME is resolved. You can use a flattened CNAME , but you must disable proxying for your CNAME within your DNS provider in order for Files.com to recognize the custom domain.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial

©2022 Files.com. All right reserved

FILES.COM

  • Start My Free Trial
  • Pricing
  • Docs
  • API and SDKs
  • Contact

CONTACT & SUPPORT

support@files.com

(800) 286-8372

Monday–Friday

9am–8pm Eastern