An A, AAAA, CNAME, or MX record is pointed to your origin server exposing your origin IP address

If your zone contains any grey-clouded A, AAAA, CNAME, or MX records that point to the same origin server as one that serves your root domain, the following message will be seen:



This message is to let you know of the potential security risk that this represents. When an origin IP address is revealed, it makes it easier for potential attackers to attack your origin directly. Therefore we recommend that you address this warning - however it's worth noting that this cannot be fixed in all cases.

There are a couple of reasons why this might be shown, and these are outlined below.

- In some configurations this message may be unavoidable if a record needs to be grey-clouded to allow it to work through Cloudflare. This is particularly common in single-server setups in which one server handles multiple services, such as hosting a website as well as email. The warning will not cause any requests to be blocked, and can be ignored if you are aware of the risks.

- It's possible that a record is mistakenly grey-clouded. If you see records that share the same origin hostname/IP as the root domain which can safely be proxied through Cloudflare, please ensure that they are orange-clouded.

If you're still seeing this after addressing both of these points, please feel free to write to us at [email protected] and our support team will be happy to investigate further.

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk