Some of your DNS only records are exposing IPs that are proxied through Cloudflare. Make sure to proxy all A, AAAA, and CNAME records pointing to proxied records to avoid exposing your origin IP

good day i keep getting this errors “Some of your DNS only records are exposing IPs that are proxied through Cloudflare. Make sure to proxy all A, AAAA, and CNAME records pointing to proxied records to avoid exposing your origin IP.”

and now my website is down

please help me.

Does your server work if you disable cloudflare? (remove the “Proxied” option and leave it as “DNS only”).

Guessing your www record should be an A record to the IP (orange cloud) and not CNAME
(I’d also blur out the IP to the root in the screencap to avoid IP being exposed)

This is not an error it is an informational message.

Likely unrelated to the informational message.

curl -Ikv https://www.reviewsbydelicious.com --resolve www.reviewsbydelicious.com:443:<your.true.origin.ip>
* Added www.reviewsbydelicious.com:443:<your.true.origin.ip> to DNS cache
* Hostname www.reviewsbydelicious.com was found in DNS cache
*   Trying <your.true.origin.ip>:443...
* TCP_NODELAY set
* Connected to www.reviewsbydelicious.com (<your.true.origin.ip>) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, internal error (592):
* error:14000438:SSL routines::tlsv1 alert internal error
* Closing connection 0
curl: (35) error:14000438:SSL routines::tlsv1 alert internal error

Your origin server is unable to serve an SSL session as indicated in the Cloudflare error message.

yes it does work if i disable cloudfare

thank you. how to i change an A record to the IP (orange cloud) and not CNAME

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.