Jadus
CDCloudflare Developers
•Created by Jadus on 12/6/2024 in #general-help
DNS Proxy for multi-level CNAME
I'm looking into using the Cloudflare WAF in front of a web application where my DNS is already hosted authoritatively as part of an account on the free tier in Cloudflare. I can't figure out from the documentation if what I'm trying to do is supported.
There are two scenarios (based on DNS records):
1.
staff.env.mydomain.com (CNAME) -> resourceName.mydomain.com (A)
2. staff.prod.externaldomain.com (CNAME - not in Cloudflare) -> prod.mydomain.com (CNAME) -> resourceName.mydomain.com
In testing scenario #1, I enable "Proxied" feature on the resourceName.mydomain.com (A) record, however I don't see traffic in Cloudflare Analytics, and my test IP block rule doesn't fire.
Is this is a supported configuration?
If I set staff.env.mydomain.com (CNAME) to "Proxied" directly, then I get a warning about "Advanced Certificate Manager being necessary, which I haven't got to testing yet; and this wouldn't be possible in my scenario #2 where the actual hostname is external to me as it is.
My hope was to enable Proxied on my resource A record and get at least some of the features of the WAF working.4 replies