Cloudflare created 200 DNS entries for many of my domains

I added around 30 domains to Cloudflare and many of them had wildcard DNS like *.example.com
Instead of importing this record, Cloudflare seems to try to guess common DNS records like backup.example.com and adds them all.

So for many of my domains I got around 200 individual DNS entries with no option to delete them all in bulk, now what ?
Edit: there should be a bulk edit/delete function.

I also noticed that it didn’t import existent DNS records for some of my domains, what is this ?! I don’t feel like domain DNS records is treated like an important thing if you randomly lose records. And the whole process seems broken if records are guessed and not directly imported.

How do you propose Cloudflare knows what the records are? There’s no directory listing in DNS.

2 Likes

You mean all the online DNS query tools try common records in order to get a value ?
The root domain / dns doesn’t actually list them ? :astonished: :exploding_head:

Pretty much. When you have a wildcard entry, any DNS query for your domain get a result.

More info

If you need a tool to delete all your DNS records then I made this

4 Likes

In the olden days, you could do a “zone transfer” to dump the entire contents of a DNS zone with everything defined in it. Basically no one still allows that. One of those ideas that didn’t survive the internet becoming more than a niche thing.

I guess the takeaway is that if you have a wildcard DNS entry with your old DNS provider, you should probably delete it before you start the Cloudflare setup process, and then recreate it in Cloudflare afterward.

(Although it seems like it would be possible to design around this… maybe do a few lookups for things that definitely shouldn’t exist, like long strings of random characters, and if they all look up successfully, it can be reasonably inferred that a wildcard DNS entry exists. Then maybe prompt the user on how they want to handle the situation?)

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.