Deprecated - An A, AAAA, CNAME, or MX record is pointed to your origin server exposing your origin IP address

This tutorial is deprecated in favour of Exposed IP addresses · Cloudflare DNS docs


This tutorial post covers the following messages:

Some of your DNS only records are exposing IPs that are proxied through Cloudflare
This record exposes the IP behind which you have proxied through Cloudflare. To fix this, change its proxy status.

Normally your IP address is hidden by Cloudflare and any lookups would see a Cloudflare IP address rather than that of your origin server. This message appears when a DNS record is exposing the origin IP address.

There are several possible reasons why this might be the case, in some cases you can hide the IP and remove the warning, but in many cases, you need to expose the IP for your non HTTP(S) services to work.

  1. The :grey: web subdomain

    In this example, the warning shows on the record for www, since that is set to :grey: and not :orange:. If the subdomain is only used for web traffic, you can edit the :grey: to :orange: and remove the warning.

  2. The :grey: non-web subdomain

    In this example, the warning shows on the FTP hostname. Cloudflare does not proxy non HTTP(S) services such as FTP. If you require a direct connection over the subdomain, you must leave it :grey:. Alternatively, the generally recommended approach is to remove the FTP record and specify the IP address of your server directly in your FTP client to connect.

  3. The mail records
    Mail records are the most common to receive this warning. It may be shown on a subdomain unproxied for email, or on the MX record if Cloudflare has generated a direct connect hostname so your emails work.
    A record

    MX record

    If you have one server that hosts both your website and emails, you will not be able to remove this warning. For emails to work, the IP of your server has to be exposed as Cloudflare does not proxy mail traffic. The only way to remove the warning would be to use a 3rd party email host or a separate server to host your emails, if you don’t want your web server IP to be exposed.

Tutorial Reference: CT-18
Reviewed: 07/21

This is a Community Tutorial, most are wiki posts, so can be contributed to by Regulars and MVPs here. If there is a tutorial you would like to see, you can request one here.

If you would like to provide any feedback on this tutorial, please post in the #Meta category, tag your post #TutorialFeedback and let us know the Tutorial Reference above.

Other great resources on this community include the Community Tips . These address best practices when configuring Cloudflare, how to fix issues you may see, and tools to troubleshoot. Also you can view Expert Tips, great posts on the community from people in the know that may help you with your issue.

We encourage users to check out these great resources and the Cloudflare Support Centre before posting