About proxy and dns only from hosting provider.All this seems strange to me

Hello, before I moved the website behind cloudflare I received an attack as the support team of the hosting provider wrote to me and they recommended me to set it to cloudflare which I did.

The website worked normally with most dns records proxy enabled

After about 15 days, the website received an unprecedented attack with 50 million requests in less than an hour.

From then on, the problems started.

After I contacted the hosting provider in an attempt to restore the website, they told me that in order for the website to work properly again, I must set which records were from proxy to dns only, which I did and waited for the process.

For a while the website worked, but after a while it did again
It didn’t work. Here is what the support team sent me

In the first communication I had, they told me that this happened because you changed the dns, which they suggested to do and set the website behind cloudflare.

In the second communication we had, they sent me the following

I just got an update from our Technical team and as per se, it seems that the domain was blocked earlier in operasty due to causing the performance issue. However, we have now requested to unblock it since you are now using another Name server. This should be working now.

My question is as follows, how is it possible that it works correctly the first time and the dns records are proxy enabled, while the second time it cannot work properly, as I was told, because the dns records are proxy enable and that I had to set them to dns only.

The second question I want to ask is if with proxy enable in dns records does cloudflare prevent or block malicious dns queries

Something I don’t like about all this, the first time everything worked fine, after the attack they told me to leave the dns records in dns only mode and after the website didn’t work again they told me that the domain was blocked earlier in operesty due to causing the performance issues.

What do you think of all this?

Thanks for any help in advance

Hi @user13020,

To answer your first query, the working condition of your DNS records whether set to proxy or DNS only, highly depends on the configuration of your server and how it interacts with Cloudflare.

For the second query, when you enable the ‘proxy’ in DNS records, Cloudflare does provide security benefits including blocking malicious traffic. However, it can’t block malicious DNS queries if your DNS is set to DNS only mode.

As for your issues after the attack, it’s possible there might have been some configuration changes on your hosting provider’s end. Consider contacting your hosting provider for more clarity, and also consult with Cloudflare support if you suspect any issue related to Cloudflare configuration or services.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.