I have enabled some sub-domains through the Netlify DNS control panel that forward to an IP address of another server. When I ping the subdomain address, I see the actual IP address of the servers. If I was doing this through the Cloudflare DNS I would have the option of proxying these subdomains for protection. Is there a way to achieve this through the Netlify DNS management system?
Note, using Netlify DNS isn’t required. You can also use third-party DNS (like Cloudflare’s DNS). If you do move to Cloudflare for DNS, you can still host the sites at Netlify using that domain but there are important considerations which are covered in the support guide below:
To summarize, you must either not proxy for the domains hosted at Netlify (but you could proxy for sites hosted outside of Netlify which were using subdomains of that domain) or bring your own SSL certificate if you decide to use their proxy feature.
If there are other questions about this, please let us know.
This is the feature I am trying to achieve, as found on CloudFlare:
7. (Optional) Some record types such *A* , *AAAA* , and *CNAME* allow a customer to toggle the Cloudflare proxy on or off. For the **Cloudflare Proxy Toggle:**
* An *orange cloud icon* proxies traffic through Cloudflare for the DNS record **Name** .
* A *grey cloud icon* ensures traffic for the DNS record **Name** is not proxied to Cloudflare. Cloudflare still serves DNS for a grey clouded DNS record, but no other Cloudflare features such as SSL, page rules, caching, WAF, etc are applied.
Grey cloud icons for *A* , *AAAA* , or *CNAME records* will expose your origin IP address to attackers and allows them to attack your origin IP address directly even if you later proxy traffic to Cloudflare. Direct attacks to your origin IP are only mitigated by asking your hosting provider to change your origin IP address.
hey @maggie0002 - as mentioned above already, if you’d like to have the feature you are describing, that won’t work on our services - but the information you need to make this happen via cloudflare is included in that guide