CF dns exposing CNAME record while CLOUD is still ON.
@step can you elaborate, just saying that doesn’t give much about your problem, and or where the problem lies, like a screenshot would be nice
www is cname ( points to @)
@ is cname (points to some hostname)
Both has orange cloud enabled.
Now goto any DNS records scan site use dig
U will see (some hostname which will expose the actual server ip).
I’m testing your usage and waiting for my DNS to propagate with a zone and then I’ll be able to see whether something else is going on
What’s the result? I noticed this recently and had to change type cname to A type record.
I don’t see any changes in my dns yet, but yeah usually you should be using an A record for www as far as I’m concerned
I used to have cname in all my domain for easy management of server. Because if I move to new server I don’t have to update all domain. Just change the hostname IP once.
I’m unable to reproduce.
Can u disable orange cloud for www ? And check?
When its orange it uses cloudflare, when its grey it uses regular DNS routes, I’ve now tested both usages, and I cannot reproduce it either, my www cname works as suspected, using cloudflare’s dns when its orange, and my own when its not.
Hold on… I haven’t read the rest of this thread… But why do you have a CNAME pointing to cloudflare.com for your root domain?
its for testing, to show here, actual was different
Can you post a screenshot of all your DNS records with the exposing IP message you get? Redact IPs if necessary
may be my understanding was not right. i thought since root domain has orange cloud enabled if i did not enable for www sub domain it will still show cloudflare proxy IP because its CNAME pointed to root which has orange cloud enabled but i was wrong . i discovered this recently and updated the records.
you can read the dns records here https://viewdns.info/dnsreport/?domain=forumz.in
its about CNAME exposing which will automatically can expose the IP
I am aware of what the question was, and the fact that you can do a DNS record lookup on a domain.
Seeing that you now appear to have solved the problem, there is no need for this anymore.