DNS Assistance

rfanch3r · October 15, 2018, 1:09am

Hi, currently if I activate DNS+HTTP Proxy I can no longer get to my website so I am thinking I have my DNS records filled out incorrectly.

Can someone provide a screen shot of what a correct one is supposed to look like? I attempted to find one but they are all in pieces.

My site works when I only have the DNS option turned on. BTW I am the owner of the host its on.

If you are not comfortable with displaying your host then can you DM me instead?

Thank you.

site is arch1mede dot com

OliverGrant · October 15, 2018, 3:13am

@rfanch3r,

Check your SSL/TLS app and make sure the SSL level is set to Full or Full (strict). Since your site is listening on port 443 you want that over Flexible.

-OG

rfanch3r · October 15, 2018, 4:25am

Ahhhh that must have been it. I read that it should be flexible, I guess in my case it should not. I wouldn’t have thought to change that if you hadn’t mentioned it. So thank you!

rfanch3r · October 15, 2018, 4:36am

OK now onto my next dns issue, currently with DNS+HTTP Proxy turned on and working (Thanks to @OliverGrant), I now have a warning for my mx entry, my entries currently look like this:

A myhost.com 1.2.3.4
CNAME mail myhost.com
CNAME www myhost.com
CNAME webmail myhost.com
MX mail mail.myhost.com

In the MX portion there is a warning saying This record is exposing your origins servers IP which may open this up to DOS attacks. Is this configured wrong?

MarkMeyer · October 15, 2018, 7:06am

No, it’s correct. If you activate Cloudflare for mail. you’d not bei able to use mail protocols. To hide your origin IP completely you need a different server or at least a different IP for email handling.

OliverGrant · October 15, 2018, 11:46am

@rfanch3r,

Cloudflare doesn’t proxy SMTP traffic (unless you are an Enterprise customer using Spectrum) so your Mx record will point to the true IP of the server. As @MarkMeyer says if that IP is the same as your website than technically you have exposed the origin IP. The only way around that is to either use a different server for mail or Spectrum (different server is probably cheaper).

But depending on your use case this might not be a big deal. I have several domains configured like that.

-OG

system · November 15, 2018, 7:09am

This topic was automatically closed after 31 days. New replies are no longer allowed.

Topic		Replies	Views
Email Setup Getting Started dash-getting-started , dash-errors , dash-troubleshooting	2	3026	April 11, 2019
Problem with setup Getting Started dns , caching , WordPress , dash-getting-started , dash-errors , dash-troubleshooting	13	3283	October 8, 2018
Need help to configure our DNS record to make email work under the cloud DNS & Network dash-troubleshooting	4	3411	August 7, 2019
Cloudflare is taking diffrent mx records DNS & Network	6	2958	May 4, 2020
DNS Management - Question DNS & Network	2	2186	May 12, 2021

DNS Assistance

Related topics