Should I proxy my CNAME as it refers to my proxied domain

Answer these questions to help the Community help you get started.

What is the domain name?
jellonationDOTco

Have you searched for an answer?
Yes

Describe the issue you are having:
When I created the CNAME mDOTjellonationDOTco and proxied it, it never appeared in propagation checks with whatsmydns.

After “thinking” this through, the proxy didn’t make sense since this CNAME subdomain was pointing to my domain which is proxied… so why double proxy?

Shortly after removing the proxy feature from the CNAME, propagation occurred in seconds.

What’s the best way to do this? If it makes a difference, the subdomain is using a wildcard cert. Thank you!

It’s entirely up to you. It’s not “double proxy”. Cloudflare’s systems are smarter than that.

Do you want/need to use any Cloudflare features on that subdomain? It’s for you to decide. For example, if you wanted to use Page Rules for forwarding, it would need to be proxied. If you want Cloudflare’s caching and DDoS protection on the subdomain, it has to be proxied.

Keep in mind that if you’re trying to keep your origin IP completely secret, an unproxied CNAME pointing to it will reveal the IP, even if the CNAME target is proxied. But for most people that doesn’t really matter.

1 Like

I’d just like to state that it does matter for DDOS protection, because instead of hitting Cloudflare they can just go straight for the host IP address.

2 Likes

Good points. I have activated the proxy. Thank you both for your inputs.