Blocking a country using Cloudflare and the new webflow DNS rules

So this year Webflow said they are migrating their infrastructure to Cloudflare so we need to change our DNS to match that. https://help.webflow.com/hc/en-us/articles/43788433744147-Update-your-DNS-settings-for-Webflow-s-Cloudflare-migration

On Cloudflare’s DNS, I had to disabled proxied (orange cloud), and enable DNS only(grey cloud). The problem now is that I want to block a country because I am getting a huge spike of traffic and I suspect it’s AI bots using my site for training, so I woukd like to block that particular country.

So I created cliudflare security rules for that country, but they onlky work if I change my DNS settings to proxied and nto DNS only in Cloudflare. BUT once I do that, for some reason it only works for the www version and not the root(default), and also I get a warning in my webflow site settings which says I need to change my DNS records (by basically switching to DNS only again).

So it appears that I can not use cloudflare’s great features if I also use webflow? Is there a workaround for this?

That is Webflow’s default configuration, but it also supports a proxied configuration and it’s very easy to enable.

image1113×225 11.1 KB

https://help.webflow.com/hc/en-us/articles/45039458051347-Using-Cloudflare-Orange-to-Orange-O2O-with-Webflow

In the O2O configuration, you’ll still see a warning that your DNS configuration is unrecognized- Webflow’s aware of that. You can just ignore it.

Thank you! So you’re saying I can ignore this warning? Why did they add it in the first place if I shouldn’t actually be DNS-only in order for the records to work?

image1028×441 45.8 KB

Anyway, I enabled proxied in cloudflare DNS now and the country block works for www, but not for the root. Any idea what could cause the rule to not apply to the root?

Yep, ignore the “Update needed” warning. As you’ve seen in the O2O docs your configuration is correct for Cloudflare proxying.