Automatically added A-records causing "error 1000"

We’re experiencing an issue where our customers are seeing “error 1000: DNS points to prohibited IP”
or the HTML is loaded, but some of the assets fail with the same error.

When I look at the DNS config at Cloudflare,
I see that there are A-records, which I did not create, pointing to Cloudflare IPs instead of our server:

104.22.66.213

Same for IPs 104.22.67.213 and 172.67.12.17 and a couple of IPv6 Cloudflare IPs, but I can upload only one image as a new user.

Suspecting that these records caused the “DNS points to prohibited IP” error (1000), I deleted these records in the couldflare DNS config. The next day, I’m seeing the same issue again and when I check the Cloudflare DNS, these A-records have are there again. They seem to be automatically added.

Since this breaks our site, I have disabled Cloudflare proxying at the moment, which is obviously not ideal.

My questions:

  • Why are these A records being added?
  • Are they necessary?
  • How do I prevent them from re-appearing?

Thanks!
Mathias

Do you use Ezoic, an API call or any other service that has access to your Cloudflare account to set DNS records?

You can see what is making the changes in your audit log here…
https://dash.cloudflare.com/?to=/:account/audit-log

We uploaded our DNS records via the Cloudflare user interface during the initial setup two weeks ago. We do not use any third party tools or API calls.
The auditlog lists our actions, but not the addition of these Cloudflare IP A-records, which seems to be an automatic action that is not being logged.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.