Proxied Site does not block IP Address Request

Hi all,

I have a Cloudflare WAF in front of various sites/domains of a costumer organization. I saw that we have a domain “example.com.br” and this domain is set as proxied in DNS. And also in DNS we have also other subdomains as “xyz.example.com.br” also set as proxied, however when I lookup this second domain it won’t give me the cloudflare DNS.

Example:
nslookup www.example.com.br
response: Cloudflare IP 104.x.x.x.

nslookup xyz.example.com.br
response: the IP of site and not cloudflare (even its set in cloudflare DNS as proxied).

Someone can explain me why this happens? Perhaps a fail or the cloudflare only proxy the “father” domains?

Thanks a lot

Are these actual sub-domains which are delegated to another nameserver or just regular hostnames? In the former case you couldn’t proxy that, in the latter you’d need to make sure the record is set to :orange:.

What’s the domain?

They are just regular hostnames.

As example: the father domain is totvs.com.br
and one subdomain is pwd.totvs.com.br (set as proxied but nslookup returns the real IP)

That domain is not using Cloudflare to begin with.

And it’s just the A type set to proxied.

Yes. It isnt. But its setted as proxied in Cloudflare’s DNS configuration.

It can be set to whatever you want :wink: if the domain is not using Cloudflare none of that will matter. You first need to configure your domain for Cloudflare.

So if I add totvs.com.br as a site, this site subdomains (as pwd.totvs.com.br) won’t pass? Sorry I may told you something wrong, the pwd.totvs.com.br is a totvs.com.br subdomain

It has nothing to do with any records. The issue is your domain is not configured for Cloudflare.

nslookup -type=ns totvs.com.br a.dns.br
Server:  a.dns.br
Address:  200.219.148.10

totvs.com.br    nameserver = cerberus.totvs.com.br
totvs.com.br    nameserver = quiron.totvs.com.br
totvs.com.br    nameserver = zelo.totvs.com.br

You first need to complete the setup. Check out support.cloudflare.com for how to do that.

What I see as something strange, because this domain is setted as a site in cloudflare WAF.

I don’t know what you mean by “settled” and maybe you had the nameservers changed at some point, but currently that domain is not using Cloudflare. The .com domain it redirects to does, but that’s a different domain.

And yes, the .br domain has got Cloudflare nameservers too, but you are not using them, which brings us back to aforementioned setup you need to complete.

Now I understand. Ok so, I will check these configurations at all. Thanks a lot for your help and time.

Best regards.

A last question,

Why www.totvs.com.br shows me cloudflare IPs? If the domain totvs.com.br isn’t. I didn’t deploy the cloudflare there, but now I admin the tool, it can be a configuration fault when they add the site?

C:\Users\lucas.banker>nslookup totvs.com.br
Servidor: svwvvixdc10.ish.local
Address: 172.31.200.40

Não é resposta autoritativa:
Nome: totvs.com.br
Address: 35.196.204.27

C:\Users\lucas.banker>nslookup -type=ns totvs.com.br
Servidor: svwvvixdc10.ish.local
Address: 172.31.200.40

Não é resposta autoritativa:
totvs.com.br nameserver = cerberus.totvs.com.br
totvs.com.br nameserver = ns-1868.awsdns-41.co.uk
totvs.com.br nameserver = ns-1223.awsdns-24.org
totvs.com.br nameserver = quiron.totvs.com.br
totvs.com.br nameserver = zelo.totvs.com.br

C:\Users\lucas.banker>nslookup www.totvs.com.br
Servidor: svwvvixdc10.ish.local
Address: 172.31.200.40

Não é resposta autoritativa:
Nome: www.totvs.com.cdn.cloudflare.net
Addresses: 2606:4700::6812:f2b
2606:4700::6812:e2b
104.18.14.43
104.18.15.43
Aliases: www.totvs.com.br
www.totvs.com.br

C:\Users\lucas.banker>nslookup -type=ns www.totvs.com.br
Servidor: svwvvixdc10.ish.local
Address: 172.31.200.40

Não é resposta autoritativa:
www.totvs.com.br canonical name = www.totvs.com
www.totvs.com canonical name = www.totvs.com.cdn.cloudflare.net

You set a CNAME to your .com domain, that shouldn’t work either.

You really first need to clarify how you set up your .br domain and if there is anywhere a Cloudflare integration.

Yes, I will need to clarify this with the customer. Thank you a lot.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.