To proxy or not to proxy

Is there a clash if I proxy (orange icon) on CNAMEs that route URL addresses to AWS CloudFront or API Gateway?

The reason is I get a weird error when I turn on the Cloudflare proxy on AWS API Gateway. It ends up throwing up an internal server error or 503. But only from our apps, and not from our website, which is confusing.

Any experience with using AWS CloudFront distributions or API Gateway with proxied DNS from Cloudflare?

I found something on the help page which may explain this, as when I set it to “Medium” it seems resolved, but I would like to hear about your past experience.

What Security Level should I select?

The Security Level you choose will determine which visitors will be presented with a challenge page. We recommend starting out at Medium.

  • Essentially off: Challenges only the most grievous offenders
  • Low: Challenges only the most threatening visitors
  • Medium: Challenges both moderate threat visitors and the most threatening visitors
  • High: Challenges all visitors that have exhibited threatening behavior within the last 14 days
  • I’m Under Attack!: Should only be used if your website is under a DDoS attack
    • Visitors will receive an interstitial page while we analyze their traffic and behavior to make sure they are a legitimate human visitor trying to access your website

Note: I’m Under Attack! may affect some actions on your domain. For example, it may block access to your API. You can set a custom security level for any part of your domain using Page Rules.
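
A troubleshooting sketch for the symptom described above, added here and not part of the original post or Cloudflare's help text: it reads the response headers to tell a Cloudflare challenge page apart from an error generated by API Gateway or CloudFront behind the proxy. The function name, the labels and the sample responses are constructed for illustration, and the body markers are a heuristic, not a documented contract.

```python
# Added example: attribute an HTTP response to the Cloudflare edge or the AWS origin.
CHALLENGE_MARKERS = ("just a moment", "/cdn-cgi/challenge-platform/", "checking your browser")
AWS_HEADERS = ("x-amzn-requestid", "x-amz-apigw-id", "x-amz-cf-id")


def classify(status, headers, body=""):
    """Return a label naming the hop that most likely produced the response."""
    h = {k.lower(): v.lower() for k, v in headers.items()}
    via_cf = "cf-ray" in h or h.get("server") == "cloudflare"
    from_aws = any(name in h for name in AWS_HEADERS)
    if not via_cf:
        return "aws-direct" if from_aws else "unknown"
    # Cloudflare marks challenged responses with this header.
    if h.get("cf-mitigated") == "challenge":
        return "cloudflare-challenge"
    # Heuristic fallback: HTML from the edge, no AWS headers, challenge text in body.
    html = "text/html" in h.get("content-type", "")
    marked = any(m in body.lower() for m in CHALLENGE_MARKERS)
    if status in (403, 503) and html and not from_aws and marked:
        return "cloudflare-challenge"
    # AWS request ids survive the proxy, so their presence means the origin answered.
    if from_aws:
        return "aws-error" if status >= 500 else "aws-ok"
    return "cloudflare-edge-error" if status >= 400 else "cloudflare-other"


# Constructed sample responses (not captured traffic).
CF = {"Server": "cloudflare", "CF-RAY": "0000000000000000-XXX"}
SAMPLES = {
    "app call, challenged": (503, {**CF, "Content-Type": "text/html; charset=UTF-8"},
                             "<title>Just a moment...</title>"),
    "challenge header": (403, {**CF, "cf-mitigated": "challenge",
                               "Content-Type": "text/html"}, ""),
    "api gateway 500": (500, {**CF, "x-amzn-RequestId": "constructed-id",
                              "x-amz-apigw-id": "constructed-id",
                              "Content-Type": "application/json"},
                        '{"message": "Internal server error"}'),
    "edge cannot reach origin": (522, {**CF, "Content-Type": "text/html"},
                                 "Connection timed out"),
    "grey-cloud (not proxied)": (200, {"x-amzn-RequestId": "constructed-id"}, "{}"),
}

if __name__ == "__main__":
    for name, (status, headers, body) in SAMPLES.items():
        print(f"{name:26} {status}  ->  {classify(status, headers, body)}")
```

Logging this label in the app's HTTP client alongside the status code shows whether a 503 was a challenge the app cannot solve or a genuine origin failure.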

