Exposing CNAME question


CF dns exposing CNAME record while CLOUD is still ON.

Exposing origin IP Address

@cloonan can you split from step, pls and thank you


@step can you elaborate, just saying that doesn’t give much about your problem, and or where the problem lies, like a screenshot would be nice


www is cname ( points to @)
@ is cname (points to some hostname)
Both has orange cloud enabled.
Now goto any DNS records scan site use dig

U will see (some hostname which will expose the actual server ip).


I’m testing your usage and waiting for my DNS to propagate with a zone and then I’ll be able to see whether something else is going on


What’s the result? I noticed this recently and had to change type cname to A type record.


I don’t see any changes in my dns yet, but yeah usually you should be using an A record for www as far as I’m concerned


I used to have cname in all my domain for easy management of server. Because if I move to new server I don’t have to update all domain. Just change the hostname IP once.


I’m unable to reproduce.


Can u disable orange cloud for www ? And check?


When its orange it uses cloudflare, when its grey it uses regular DNS routes, I’ve now tested both usages, and I cannot reproduce it either, my www cname works as suspected, using cloudflare’s dns when its orange, and my own when its not.



Hold on… I haven’t read the rest of this thread… But why do you have a CNAME pointing to cloudflare.com for your root domain?


its for testing, to show here, actual was different


Can you post a screenshot of all your DNS records with the exposing IP message you get? Redact IPs if necessary


may be my understanding was not right. i thought since root domain has orange cloud enabled if i did not enable for www sub domain it will still show cloudflare proxy IP because its CNAME pointed to root which has orange cloud enabled but i was wrong . i discovered this recently and updated the records.


you can read the dns records here https://viewdns.info/dnsreport/?domain=forumz.in

its about CNAME exposing which will automatically can expose the IP


I am aware of what the question was, and the fact that you can do a DNS record lookup on a domain.

Seeing that you now appear to have solved the problem, there is no need for this anymore.

closed #19

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.