Changes on WAF during DNS transition



Hello Support,

I have my SSL certs offloaded on WAF. during the DNS change, do i have to make any changes at WAF? The only change i am ware is to enable x-forwarded to get real IP of the source.

Kindly let me know as to what changes I need to make on WAF? I do have some IP’s whitelisted for apis which i need to white-list on cloudflare as well. I have my existing certs on WAF. If i change my DNS to cloudflare, what happens if i browse SSL website?

Scenario: has ssl cert on WAF and I change my DNS to CLoudflare.

so if i browse,, will my website work or do i have to make any changes on WAF?



If this WAF at Cloudflare or another service? If all you do is change your nameservers to ours nothing changes if you are just using us for DNS.

If we are going to act as a proxy then we become an SSL termination endpoint and you’d either need our universal SSL certificate to process/ be installed on our edge, order a dedicated SSL cert through us or use a plan where you could upload your existing SSL cert.

If you are using a 3rd party WAF it would need to know the list of Cloudflare IPs if you are going to proxy through is and you’d want to make sure it doesn’t blacklist our IPs for some reason.