Wildcard DNS Entry - Protection If Target IS Cloudflare Worker?

I see that in CloudFlare’s DNS FAQs they say this about wildcard DNS entries:

Non-enterprise customers can create but not proxy wildcard records.


If you create wildcard records, these wildcard subdomains are served directly without any Cloudflare performance, security, or apps. As a result, Wildcard domains get no cloud (orange or grey) in the Cloudflare DNS app. If you are adding a * CNAME or A Record, make sure the record is grey clouded in order for the record to be created.

What I’m wondering is if one would still get the benefits of CloudFlares infrastructure of the target of the wildcard CNAME record IS a Cloudflare worker, like my-app.my-zone.workers.dev? I imagine that since this is a Cloudflare controlled resource, it would still be protected for DDoS for example. Or is it that much of the Cloudflare security and performanace happening at this initial DNS stage that will be lost even if target is a Cloudflare worker?

Is this for a business application running on Cloudflare Workers? Or is this going to be for a personal project?

This is a general question to better understand how the infrastructure works, so imagine it could be either. If the answer changes for either scenario, I’d be very curious to understand why.

It may work, as an accidental convenience of the system design, but isn’t guarantee to continue to work that way. So for a personal project the risk of a change in behavior is low, different of one tries to build a business on the assumption.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.