Hi, there are many DNS records associated with my domain. And honestly I’m not sure if it’s OK that all of them are set to be proxied (except those where this setting isn’t available). Attached is the screenshot of my dashboard. I replaced my actual domain with ‘mydomain.com’ and my original server’s IP with 100.10.100.100.
Would anyone be so kind as to let me know whether I should toggle anything to ‘DNS only’?
I would suggest removing A ftp → it’s a more secure way to connect/access by the server IP directly via FileZilla or some other FTP app
Remove CNAME mail → maybe better to keep it as is, as far as you are using a 3rd-party email service (seen at the MX record)? If so, make sure the target of that CNAME mail hostname is the same as in the MX record, and just make sure it’s set to (DNS-only). If you are going to use the mail.yourdomain.com hostname in some e-mail client (MS Outlook, AppleMail, Mozilla Thunderbird …), it might throw an error due to the SSL certificate (as the hostname of your domain name wouldn’t be located in the SAN field of the SSL cert., and you should use your e-mail provider’s hostname for POP/IMAP/SMTP rather than your mail.yourdomain.com).
Add A mail and point it to your server IP, make sure it’s unproxied and set to (DNS-only)
A webdisk → if not using, remove, otherwise set to (DNS-only)
A cpanel → if you are uploading/downloading (or using WAF at Cloudflare), it’s better to set it to (DNS-only). Nevertheless, I usually access my website’s cPanel through my hosting provider’s interface (or using a hosting provider’s hostname), therefore there is no need to keep the cPanel DNS record and I remove it
A cpcalendars and A cpcontacts, I usually keep them at (DNS-only) when using cPanel Webmail (if not using them, you can remove them)
A webmail → I keep it on (DNS-only), otherwise if using 3rd-party, you can keep it on therefore create a Page Rule so it would redirect to the 3rd-party Webmail rather than to the cPanel integrated Webmail
I use A www, so would prefer to remove CNAME www, therefore add new A www pointed to the server IP and make sure it’s set to proxied
As far as using cPanel, I assume you also have got AutoSSL.
For removed DNS records at Cloudflare, as far as I am using a Cloudflare Origin CA Certificate in some cPanel instances, I usually set the “exclude AutoSSL” option for those hostnames there so it doesn’t start automatically each month/3 months …
If AutoSSL couldn’t be generated for yourdomain.com and www.yourdomain.com afterwards, there is a solution for it: temporarily switch the A www and A domain.com records to (DNS-only), wait for a few minutes, then run AutoSSL at cPanel.
Upon success, switch them both back to proxied and make sure you are using the Full (Strict) SSL option under the SSL/TLS tab of the Cloudflare dashboard for your domain name.
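The checks suggested in the reply above, collected into a small audit script; this is an added example, not part of the original posts. It assumes records shaped like the Cloudflare API's DNS record objects (`type`, `name`, `content`, `proxied`); the sample zone, the `mailhost.example` targets and the helper names are constructed for illustration.

```python
ZONE = "mydomain.com"  # placeholder domain from the question

# Hostnames the reply says to keep at DNS-only (or remove if unused).
DNS_ONLY_LABELS = {"ftp", "mail", "webdisk", "cpanel",
                   "cpcalendars", "cpcontacts", "webmail"}
# Hostnames the reply says to keep proxied ("" is the apex).
PROXIED_LABELS = {"", "www"}

# Constructed sample records, not taken from the screenshot.
SAMPLE = [
    {"type": "A", "name": "mydomain.com", "content": "100.10.100.100", "proxied": True},
    {"type": "CNAME", "name": "www.mydomain.com", "content": "mydomain.com", "proxied": True},
    {"type": "A", "name": "ftp.mydomain.com", "content": "100.10.100.100", "proxied": True},
    {"type": "CNAME", "name": "mail.mydomain.com", "content": "mx.mailhost.example", "proxied": True},
    {"type": "A", "name": "cpanel.mydomain.com", "content": "100.10.100.100", "proxied": False},
    {"type": "MX", "name": "mydomain.com", "content": "mail.mailhost.example", "proxied": False},
]

def norm(host):
    """Lower-case a hostname and drop any trailing dot."""
    return host.rstrip(".").lower()

def label(name, zone=ZONE):
    """Return the part of a hostname left of the zone ('' for the apex)."""
    name = norm(name)
    if name == zone:
        return ""
    return name[: -len(zone) - 1] if name.endswith("." + zone) else name

def audit(records, zone=ZONE):
    """Return (hostname, finding) pairs for records that differ from the reply's advice."""
    findings = []
    mx_targets = {norm(r["content"]) for r in records if r["type"] == "MX"}
    for r in records:
        if r["type"] not in ("A", "AAAA", "CNAME"):
            continue  # the proxy toggle only exists on address and CNAME records
        lab = label(r["name"], zone)
        if lab in DNS_ONLY_LABELS and r["proxied"]:
            findings.append((r["name"], "set to DNS-only"))
        if lab in PROXIED_LABELS and not r["proxied"]:
            findings.append((r["name"], "set to proxied"))
        # CNAME mail should point at the same host as the MX record.
        if (lab == "mail" and r["type"] == "CNAME" and mx_targets
                and norm(r["content"]) not in mx_targets):
            findings.append((r["name"], "CNAME target differs from MX target"))
    return findings

if __name__ == "__main__":
    for host, finding in audit(SAMPLE):
        print(f"{host}: {finding}")
```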