Malware Filtering DNS blocked dynamic dns services

I use FreeDNS, aka FreeDNS to connect back to the Sophos SG UTM I setup for my parents. Since my parents are provided a dynamic IP from their ISP, using FreeDNS in connection with the Sophos UTM has been a solid way for me to remotely access the UTM despite their IP changing on a regular basis.

When I attempted to connect to the subdomain, i.e., subdomain.chickenkiller.com, as provided by FreeDNS, using the CloudFlare Malware Filtering DNS, aka, the domain was blocked from resolving.

When I attempted to connect to the domain using regular, unfiltered CloudFlare DNS, aka, I was able to reach the dynamic subdomain/UTM without an issue.

I know the Malware Filtering DNS is new for CloudFlare, is this the intended behavior? My parents are currently using OpenDNS in conjunction with the Sophos SG UTM to provide them with a secondary internet filter. I was intending to switch them to CloudFlare DNS with malware filtering from OpenDNS, but this obviously would be a deal breaker. This unfortunately also prevents me from using for malware filtering on my own network.

I need to know if this new behavior is in the intended behavior for dynamic DNS services with the new CloudFlare Malware filtering DNS or if this is another bug with for families being new?

You can submit a site for review here:


That’s part of the problem though, the page is non-public.

Cloudflare is blocking my subdomain on a shared domain. I access the UTM on the free subdomain using port 4444, which is restricted to only respond to the subdomain set on the UTM for my external IP address to connect back to the UTM. The UTM is set to only respond to one external IPv4 address in the world.

This is a policy adjustment that needs to be made, not to an individual website. CloudFlare’s malware DNS service is blocking a domain that can’t share malware, because nothing is available on that domain, on any ports, other than from the one individual IP address I allow to have external access.

Everything works as intended using the malware filtering settings with OpenDNS, why can’t Cloudflare adjust to allow dynamic domains?