Proxy DNS record

Hello, Cloudflare Community:
I have done Core Setup and a Health Check, and have received this error message:
“Make sure to proxy all A, AAAA, and CNAME records pointing to proxied records to avoid exposing your origin IP.”
I am a novice and have no idea what I am being asked to do to fix this. Here’s a screenshot showing the flagged record that needs to be changed.
I would greatly appreciate any help that any of you could give me.
Best regards,
Debbee

Hi there!

This looks like the issue here is the wildcard record – since it is set to “DNS Only” – that means that CF will only resolve DNS for the wildcard subdomain.

Generally for proxied records, you will find it will resolve to one of Cloudflare’s Anycast IPs but for “DNS Only” – it will resolve to the origin. We resolve to CF IPs for security, so attackers or malicious actors can’t bypass the proxy and make requests against your server IP directly.

The warning comes from the “DNS Only” record sharing an origin with another subdomain, since one is exposed, the other is not.

One final thing I should mention is we only allow proxying for wildcard DNS records on our Enterprise plan subscription unfortunately – on other plan levels we only resolve DNS.

Anyway, I hope this helps!

Hi, Peter:

Thank you so much for taking the time to share this info with me … Unfortunately I’ve reached the limit of my understanding :frowning:

I think my only course of action now is to build a new website that will have SSL provided automatically.

Thanks again!
Debbee

That’s certainly the right way to do it.

1 Like

Thank you so much for confirming I’ve made the right choice. Much appreciated!
Stay well, and take care,
Debbee

1 Like