DNS Assistance

Hi, currently if I activate DNS+HTTP Proxy I can no longer get to my website so I am thinking I have my DNS records filled out incorrectly.

Can someone provide a screenshot of what a correct one is supposed to look like? I attempted to find one but they are all in pieces.

My site works when I only have the DNS option turned on. BTW, I am the owner of the host it's on.

If you are not comfortable with displaying your host then can you DM me instead?

Thank you.

site is arch1mede dot com

1 Like

:wave: @rfanch3r,

Check your SSL/TLS app and make sure the SSL level is set to Full or Full (strict). Since your site is listening on port 443 you want that over Flexible.

-OG

Ahhhh that must have been it. I read that it should be flexible, I guess in my case it should not. I wouldn’t have thought to change that if you hadn’t mentioned it. So thank you!

OK, now onto my next DNS issue: currently, with DNS+HTTP Proxy turned on and working (thanks to @OliverGrant), I now have a warning for my MX entry. My entries currently look like this:

A myhost.com 1.2.3.4
CNAME mail myhost.com
CNAME www myhost.com
CNAME webmail myhost.com
MX mail mail.myhost.com

In the MX portion there is a warning saying "This record is exposing your origin server's IP, which may open this up to DoS attacks." Is this configured wrong?

No, it’s correct. If you activate Cloudflare for mail. you’d not be able to use mail protocols. To hide your origin IP completely you need a different server or at least a different IP for email handling.

1 Like

:wave: @rfanch3r,

Cloudflare doesn’t proxy SMTP traffic (unless you are an Enterprise customer using Spectrum), so your MX record will point to the true IP of the server. As @MarkMeyer says, if that IP is the same as your website's, then technically you have exposed the origin IP. The only way around that is to either use a different server for mail or Spectrum (a different server is probably cheaper).

But depending on your use case this might not be a big deal. I have several domains configured like that.

-OG

2 Likes
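
An added example, not part of any post in this thread: an offline audit of the caveat discussed above, flagging names that bypass the proxy (DNS-only hosts and MX targets) while sharing an address with a proxied record. The record tuples, the proxied flags, the `192.0.2.25` mail address and both function names are assumptions made for illustration.

```python
# Constructed zone modelled on the thread's records: (type, name, value, proxied).
# The proxied flags are assumptions; "mail" is DNS-only because SMTP is not proxied.
ZONE = [
    ("A", "myhost.com", "1.2.3.4", True),
    ("CNAME", "mail.myhost.com", "myhost.com", False),
    ("CNAME", "www.myhost.com", "myhost.com", True),
    ("CNAME", "webmail.myhost.com", "myhost.com", True),
    ("MX", "myhost.com", "mail.myhost.com", False),
]
# Same zone after moving mail to its own address (192.0.2.25 is a constructed value).
SPLIT = [r for r in ZONE if r[1] != "mail.myhost.com"] + [
    ("A", "mail.myhost.com", "192.0.2.25", False),
]


def origin_ips(name, zone, seen=None):
    """Follow CNAMEs within the zone data down to the A record addresses."""
    seen = set() if seen is None else seen
    if name in seen:  # guard against CNAME loops
        return set()
    seen.add(name)
    ips = set()
    for rtype, rname, value, _ in zone:
        if rname == name and rtype == "A":
            ips.add(value)
        elif rname == name and rtype == "CNAME":
            ips |= origin_ips(value, zone, seen)
    return ips


def exposed_origins(zone):
    """Map each name that bypasses the proxy to the addresses it shares
    with proxied records; an empty dict means no overlap."""
    proxied_ips = set()
    for rtype, rname, _, proxied in zone:
        if proxied and rtype in ("A", "CNAME"):
            proxied_ips |= origin_ips(rname, zone)
    # Names answered with the real address: DNS-only hosts and MX targets.
    direct = {n for t, n, _, p in zone if t in ("A", "CNAME") and not p}
    direct |= {v for t, _, v, _ in zone if t == "MX"}
    findings = {}
    for name in sorted(direct):
        shared = origin_ips(name, zone) & proxied_ips
        if shared:
            findings[name] = shared
    return findings
```

With the thread's layout the mail host is reported as sharing `1.2.3.4` with the proxied site; with mail on a separate address the result is empty.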
