Is there a risk with having a wildcard / catch-all 'A' record?

Since switching to using Cloudflare, I’ve noticed that there are a lot of DNS records for each of our domain names. Please see screenshot below for one of them, our domain

Can you kindly let me know if these DNS records seem to be OK please?

Also, are any of them unnecessary and can be deleted?

The only one I have added manually is the catch-all ‘A’ record “*” (star) pointing to our host’s address, which one website recommended for Cloudflare DNS settings. However, in Cloudflare it has an exclamation mark warning next to it stating it will be “exposing IPs that are proxied through Cloudflare”. Therefore should it be deleted or remain?

Thank you very much. I greatly appreciate your help.

Because your server hosts email and the website, you have no choice but to expose the origin’s IP address.

As for the wildcard DNS entry, those are generally not advisable.

Speaking of email, the ‘mail’ record is a CNAME that points to your root domain which is set to :orange:. That ‘mail’ record should be an “A” record with your server’s IP address, and set to :grey: DNS Only. Cloudflare does not proxy email connections.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.