Hi, I believe a hacker deleted some DNS records on my server so I need to know what basic records are needed to make everything work correctly. Currently, if I turn on cloudflare site becomes not accessible. I have to disable cloudflare then site loads. Cloudflare will not even do a automatic scan of site. When I removed site and deleted all record to do a scan.
The reason I know some records got deleted is because I remember some of them like MX records that no longer exist. My host is real busy so it will take a week or more before he gets to me. The server is apache. And I work through Cpanel. If it’s easier, you can screen shot it and post it. Or leave a link. I don’t like my site not having any security.
The DNS records at Cloudflare should match the DNS records at your host. If turning off Cloudflare makes your site work, then your missing DNS records exist at your host.
I cancelled cloudflare because I see no need to pay for all this until my site is back up and working. And seems like everything works against me. it always takes several days or weeks because I usually end up trying to figure out server stuff when I mainly only know website stuff. I tried to google it but I really got nothing, So I don;t know if anyone can even help me.
I forgot I had been working on another website on the same server several months ago. So I logged in and did a comparison of records. There were 4 extra record and 1 missing mx record. The only extra record I deleted was one that had suspicious coding in it. I left the other extra records they were cnames. And they did not look suspicious.
So after the fix, it still does not work. If you need me to turn on cloudflare so you can see what’s going on I will But it’s a 522 error with a pic that show the host server not working aka red X. But if I disable cloudflare totally, it takes about 5 minutes. But site begins to load again.
I told my how to check security events to see if one is being tripped and if so turn it off. Now I have reinstalled wordpress from scratch, and with the basic install test this and it still does it. As to why I believe it’s on a server level not a website level.
My site has been hacked 20 times since the first of the year. Is there anyway they did something to cloudflare, and that maybe a account delete and reset up might fix?