Nxdomain DNS attack on my website

Dear Cloudflare Community

My domain has a lot of Nxdomain DNS replies (domain not exist on analytics)

Please check the screenshot attached

timestamp date ( 04/02/2024 20:59 GMT)

I hope you can give me an advice or what to do to fix such issue
I’ve reached my web hosting provider he replied that this problem isn’t on their hosting end and i need to contact cloudflare for help.

Many Thanks

As these are all at the same time, likely an internet scanner has requested a lot of subdomains for your site that don’t exist. As they don’t exist (NXDOMAIN means “non-existing domain”), it won’t affect your site in any way and Cloudflare’s DNS infrastructure handles all the requests anyway.

As long as you don’t add a wildcard DNS record (which could match all these, so result in requests to your origin), then you can just ignore this.

My test here for example can make over 300 DNS queries within a minute to a domain to try and find what records are available, most will fail. (You can try it if you want to see the NXDOMAIN spike that results!).

2 Likes

so you mean i just need to check my dns records on cloudflare side and remove not needed right ?

Cloudflare DNS is designed to respond to hundreds of thousands of DNS queries per second. They claim to be able to serve DNS for anyone (including the .gov TLD). A few hundred negative responses per minute are a rounding error and can be ignored.

based on analytics it seems some people can’t access the domain (404 error)

is my statistics normal or I’m losing real traffic that’s what is important ?

A 404 error is an HTTP error returned by a web server. It means a resource was not found. You should review your web application logs to determine what requests are returning that error code and what impact, if any, that has.