Using cloudflare? check your DNS records.

Hey G33ks,

So as some of you may know, I always recommend the use of Cloudflare when having a website.
Not just because it speeds up your website by caching it, but also because it protects your web server against the most common form of (D)DoS.
But, some have their DNS settings setup very poorly.

I help at DevineHQ.eu here and there, and I noticed something was off..
Now while the “normal” domains (like www, music and games) where protected by Cloudflare,
when I pinged random stuff like huehuehue (which is my standard test phrase) I still managed to get the IP of the actual webhost.
Upon investigation in the Cloudflare DNS settings, I noticed something odd.
The project leader had put a wildcard (*) in his DNS Zone…
Yea… that can’t go well…
After I removed the wildcard, and added all sub domains by using CNAMES.
Now this removed the issue pretty much.

Bottom line of the story:
please check your DNS settings.
If you need help with that, you can go to DNSDumpster to check your DNS zone.

Please note that I have no clue how to fix the MX stuff yet as Cloudflare doesn’t proxy MX records.

G33k Out!

Leave a reply