A record changed, but not propagating

I moved my host so changed my A Records to the new host for 7 sites.
The A records not propagating - https://dnschecker.org shows them several hours later as the old record. I tried development mode, etc. but cannot get them to propagate. What am i doing wrong?

6124994bdb39d759a2e19cdb337c8eb707c052a0_2_690x81

The DNS checker returns a cloudflare IP and appears correct. But, you do have a 526 error, which is an issue caused by the name on the certificate on your new server not matching your site. Other 526 troubleshooting ideas here, Community Tip - Fixing Error 526: Invalid SSL certificates.

On the ssl/tls app, if you set SSL to Full, versus Full (strict), does your site perform as expected? Note that Full is a less than ideal setting for SSL and you’d do better to get a certificate on your origin and set ssl to full (strict). Good tutorial here, Why flexible SSL mode is not the best choice.

2 Likes

all the sites are still showing up under the old A Record address of 104.24.96.229 not the new one of {redacted} - that is the issue

Ah, understood. That’s normal and to be expected, the 104. is a cloudflare IP, that’s what you want returned as opposed to the actual origin IP.

1 Like

OK, but a day later, the host says the A records are still not pointed to them. I cannot get my sites up until it is.
and now i’m getting “Error: Token mismatch” on all the sites.

Hello, the “A record” of my sites are pointed to bluehost at 162.241.253.228
it has been that way for 3+ days.


Yet, Bluehost says “I checked your domains dns propagation and none of them are pointing to Bluehost. Please contact your Cloudflare and verify why the update you have made on the A host record is not propagating.” I changed the SSL to Full, versus Full (strict), but it still doesn not fix the problem…
DNS checker still says it is pointed at 104.27.185.44 - if this is normal, what else is wrong?
Please, what can i do?

The name on the certificate on your origin server does not match your domain, so I am not surprise Full (Strict) does not work. This is probably a continuation of the issues with 526 errors from 3 days ago.

Today, I am getting a 404 error that is similar to the discussion in this thread, Is it possible that the SSL (strict) is causing this?. The 404 is from your origin server, cloudflare does not generate 404 errors. Can you go to the overview page of your domain on the cloudflare dashboard and in the lower right Pause cloudflare? Will be a good way of testing if the error changes/goes away.

I paused it.

OK, thank you. When I hit the site now, I see an error associated with the incorrect name on your origin server certificate. When I bypass that error, I am presented with the same 404 error I see when cf is active. This tells me the issue is not related to cloudflare but on your origin server, the earlier thread has some good suggestions to troubleshoot.

I’d let your host know you’re seeing the 404 error as it’s a configuration issue with the webserver that they can fix.

I am on the line with bluehost and they say that there is an issue with cloudflare - as the a record is not resolving to the correct site - it should NOT be 104.24.96.229, it should be 111.111.111.228 as is represented on cloudflare - i did this more than 5 days ago. Is this an issue because i have the urls registered through cloudflare? If not what?!

Same issue here, A record is showing a different A Record than what is listed under the DNS.

A DNS lookup or ping of a proxied Cloudflare subdomain returns Cloudflare IP addresses. Cloudflare masks your origin IP address for proxied (orange-clouded) DNS records so attackers cannot bypass Cloudflare and directly attack your origin web server.

The IP you shared that ends in .228 is your origin IP, it’s something you want to keep somewhat private to avoid exposure. The above is from the following support doc:

Currently, cloudflare is paused, when I ping your domain, I am returned your IP ending in .228. When cloudflare is not paused then we’re proxying traffic for your site and a ping will return the 104 cloudflare IP. You may want to share the above article with bluehost, they’re a Cloudflare partner and I’d assume are or should be already aware of how cloudflare functions. Good news is at the moment, I’m not seeing the 404 webserver error.

@jmpippin, same thing, you’re A record ends in .40, we’re proxying traffic to your site and returning an A record starting with 104. To be expected.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.