Domain Requests all Blocked

HI Guys i have had my reverse proxy for year with no issue. I even have wild card DNS setup which worked fine but after some tinkering to tighten security it broke everything. I have spent 48 hrs to try and get back to it working s i reset it to my old settings but the whole of my domain is still blocked. Please can you review why CF is blocking all the domain & subdomain request try
Keep getting 401 Authorization for every one of the subdomains, but this has worked for years on my original setup which i have reset!!!

Any further details or images required please ask

See here DNS setup

Wildcard DNS records cannot be proxied :orange: (except on an Enterprise account). The 401 is coming directly from your server, as all Cloudflare are doing here is DNS.

HI Michael
Cheers for your quick reply everything is working as before with these settings. Could i ask if i set SSL to full would it work and give me some better security?
Also would i be able to use firewall rules with these current settings ?

For records covered only by the Wildcard, the SSL Mode makes no difference. For the record which is :orange:, SSL Full is highly recommended. Just make sure you have a valid certificate on the Origin.

Similarly, firewall rules can only be used on the hostname that is :orange:.

1 Like

My problem is if i remove wild card and add CNAME for my sub domain and enable proxed i always get a 401 error.
Any subdomain i add is now getting blocked ?

I have Full Strict enabled with the following DNS here

Plex which is only DNS is found no issue and using RP

1 Like

I get a 401 from your web servers that are :grey:, and also making requests to your origin for other hostnames. The 401 is coming from your webserver, not from Cloudflare. You need to resolve the 401 issue when the hosts are :grey: and before putting them behind Cloudflare.

1 Like

HI Michael
I have done nothing but i can now reach my sub domains?
Can you check your end?

Also do you know if you enable DNSSEC in CF can it have any impact on your Reverse Proxy?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.