DNS IP addresses exposed? MX mail server? Not sure

Greetings in this crazy world! I am trying to keep sane!

I am trying to start a wellness website with relatively unknown information for mainly guys.

Can someone please take a look at this attachment and tell me what I am doing wrong here? It keeps saying I am exposing the IP addresses or something like that. I originally had issues with trying to setup my mail because it was showing in my spam folder saying it wasn’t the right email address or something SPH error.

Now I went into DNS settings and I’m not sure what to do to make it all proper without getting warnings like I am now? :frowning:

This is showing the warning because you have two of the A records proxied, the rest of the A records to the same IP are not proxied (grey cloud).

One recommendation I would have is keep the A record for the root domain and make the rest of them CNAME records pointing to the root domain (so you only have to update it once).

You cannot remove the warning unless all the records are proxied, or the ones that are proxied point to a different IP than the unproxied records.

Any records used for mail (A/AAAA records) that indicate the location of the mail server need to remain unproxied (grey cloud) but it doesn’t look like this particular point will affect you according to the screenshot.

Hope this helps.

Thanks so much for the lifesaving help!

Can you be more specific in what I should set? I have messed around with DNS servers 15 years ago, but haven’t touched them much recently.

Thanks a lot! YOu helping me will potentially help millions of people.


Remove the A records for all these:

Then add all the above as CNAME records pointing to the zone apex (wellnessbachelor.com).

Depending on your zone SSL level, if you have a valid SSL certificate you can proxy all the CNAME records (orange cloud)

From the screenshot it doesn’t look like you have an MX record on that domain so it should be fine with them all proxied


I have added what you recommended and I guess it makes sense

Here is a screenshot of the modifications.

Can you tell me how I should add the MX list? I need that for sure.


Here it is

Almost right, I did make one mistake though in the earlier instructions (sorry)

See the CNAME record for mail, change that one and only that one back to an A record (make sure it has a grey cloud)

For the MX record, set the name to @, mail server to [email protected], leave the TTL as is and priority can be anything (as you only have one), I’d recommend using 10 as the priority (seems to be a standard for a single mail server)

When you save the record, the dashboard will transform the @'s for the MX record into the correct value for you :slight_smile:

still getting error in the screenshot. I followed your directions … nada! :frowning: cloudflare1 modified error

It’s because the IP is both proxied and unproxied (but what you have now is better than it was).

This is all you can do :slight_smile:

The warning is just there to let people know in case they did it by accident.

The content of the MX record should be mail.wellnessbachelor.com rather than just wellnessbachelor.com

One more thing is make WWW a CNAME also :slight_smile:

I changed www from A record to CNAME with content wellnessbachelor.com and the website is not coming up.

Strange isnt it? It should be pointing to wellnessbachelor.com ? :frowning:

Right, you need to add an A record for the root domain pointing to your IP address, and make it proxied then the WWW CNAME will work :slight_smile:

Just for the sake of good order and because it’s the usual broken setup.

You don’t have a certificate on your server and hence your site is insecure, you might want to fix that.

Here is latest screenshot


Add another A record with that 68.X IP, with the name @ and make it proxied (orange cloud)

Give it a few minutes and the WWW CNAME should then start working when you do what @sandro said and make sure it’s using a valid certificate.

Your site is still insecure.

Thanks for the follow up

Can you tell me what is insecure about my setup? :slight_smile:

@DaServaJesus mentioned it earlier already.

If you are talking about SSL: I think I already got that setup? I contacted my hosting provider and they said its OK?

Then make sure your encryption mode is “Full strict” because right now it is not.

1 Like

I think I got it working now. I went into cloudflare and enabled strict SSL AND inputted the custom CA certificate.

Could someone take a look and let me know?


Everything ok now? :slight_smile: