Either DNS is taking long to update or it's not setup right

My DNS records aren’t updating. I set up an A record that proxies our domain (rugbymud.com) to the desired IP address (app host) but it has not updated yet. The IP address being reached is for a deleted A record (172.67.xxx.141). When the domain is reached, the application should route to IP 54.90.xxx.228`.

It is expected that the DNS record doesn’t change when proxied. It points to a Cloudflare IP address and Cloudflare uses the value of the DNS record when making a request from Cloudflare to your origin server.

Thanks for responding, but I’m not sure I understand your answer. The IP address which is currently being routed to was a deleted A record- essentially an IP that leads to nowhere. An error I’m running into is that when I go to my domain, it says that I’ve been redirected to many times even though I only set one A record which points to where my application is hosted. Here is what my DNS records look like. Is there anything that looks off?

Sounds like you have Flexible mode enabled, go here https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls and change it to full strict. If that doesn’t work, then unproxy the record temporarily to see if you are able to load the site with https correctly.

Amazing, I turned the SSL/TTL encryption to FULL since I have a self assigned certificate on the server and that did the trick.

Thank you Jak3!

That’s the precise opposite of what @Cyb3r-Jak3 wrote and you basically dropped all encryption now and have an insecure site.

The rule here states that is encrypts traffic end to end using a self-signed cert on the server. Based on the literal definition of this rule, it sounds like you’re wrong. I don’t have a paid CA or cloudflare certificate, so the full-strict mode wouldn’t work.

I only discuss the same topic about five to ten times every day for years at this point :wink:

The mode you highlighted is said insecure, legacy mode without proper encryption. And yes, you actually even have a valid certificate on your server.

Again, follow @Cyb3r-Jak3’s advice and properly secure your site by choosing Full Strict.

1 Like

Thanks Sandro, you’re right. I implemented the change and the website works fine.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.