ServerTrack.io

Cloudflare Proxy Issues

Last updated: January 30, 2026 • 5 min read

Common issues when using Cloudflare with ServerTrack, including proxy mode conflicts and DNS-only configuration.

Introduction

Cloudflare is a popular DNS and CDN service. When using Cloudflare with ServerTrack, it's important to configure DNS records correctly. This guide covers common Cloudflare proxy issues and how to resolve them.

Critical: For ServerTrack custom domains, Cloudflare proxy MUST be disabled (DNS Only / Grey Cloud). ServerTrack handles SSL certificates directly, and Cloudflare proxy interferes with SSL certificate generation and domain verification.

Cloudflare Proxy vs DNS Only

Cloudflare offers two modes for DNS records:

Proxy Mode (Orange Cloud)

  • Cloudflare acts as a proxy between users and your server
  • Traffic goes through Cloudflare's network
  • Cloudflare handles SSL/TLS termination
  • NOT recommended for ServerTrack tracking domains

DNS Only Mode (Grey Cloud)

  • Cloudflare only provides DNS resolution
  • Traffic goes directly to your server (ServerTrack)
  • No proxy layer
  • REQUIRED for ServerTrack tracking domains

Why DNS Only is Required

ServerTrack tracking domains must use DNS Only mode because:

  • SSL Certificate Generation: ServerTrack needs direct access to generate SSL certificates via Let's Encrypt
  • Domain Verification: Verification requires direct DNS resolution to ServerTrack IP
  • No Proxy Interference: Proxy mode can interfere with certificate generation
  • Direct Traffic: Tracking events need to go directly to ServerTrack servers

Common Cloudflare Proxy Issues

1. Domain Verification Fails

Symptoms: Domain verification fails even though DNS record is correct.

Cause: Cloudflare proxy is enabled (orange cloud), preventing direct DNS resolution.

Solution:

  • Log in to Cloudflare dashboard
  • Go to DNS → Records
  • Find your tracking subdomain A Record
  • Click the orange cloud icon to disable proxy (turn it grey)
  • Wait 1-2 minutes for changes to propagate
  • Retry domain verification in ServerTrack

2. SSL Certificate Generation Fails

Symptoms: SSL certificate doesn't generate after domain verification succeeds.

Cause: Cloudflare proxy blocks Let's Encrypt certificate validation.

Solution:

  • Ensure Cloudflare proxy is disabled (grey cloud)
  • Verify DNS A Record points directly to ServerTrack IP
  • Wait for DNS propagation (15-30 minutes)
  • Retry domain verification
  • SSL certificate should generate automatically after verification

3. Events Not Reaching ServerTrack

Symptoms: Tracking script loads but events don't appear in logs.

Cause: Cloudflare proxy might be interfering with event delivery.

Solution:

  • Ensure tracking domain uses DNS Only mode
  • Verify DNS resolves correctly to ServerTrack IP
  • Check browser network tab to see if requests reach ServerTrack

Configuring Cloudflare Correctly

Step 1: Add DNS A Record

  • Log in to Cloudflare dashboard
  • Select your domain
  • Go to DNS → Records
  • Click "Add record"
  • Select Type: A
  • Enter Name: Your subdomain (e.g., "data")
  • Enter IPv4 address: ServerTrack IP address
  • Important: Ensure cloud icon is Grey (DNS Only), not Orange
  • Set TTL: Auto or 1 minute
  • Click "Save"

Step 2: Ensure Proxy is Disabled

After adding the record:

  • Check the cloud icon next to your A Record
  • If it's Orange (Proxied), click it to turn it Grey (DNS Only)
  • Wait 1-2 minutes for Cloudflare to update

Step 3: Verify DNS Resolution

  • Use DNSChecker.org to verify DNS propagation
  • Enter your tracking subdomain (e.g., data.yoursite.com)
  • Select "A" record type
  • Check multiple locations
  • All should resolve to ServerTrack IP address

Cloudflare SSL/TLS Settings

For your main domain (not tracking subdomain), Cloudflare SSL/TLS settings don't affect ServerTrack:

  • Tracking subdomain uses DNS Only, so SSL is handled by ServerTrack
  • Main domain SSL settings (Full, Full Strict, etc.) don't affect tracking subdomain
  • Only DNS record proxy setting matters

Troubleshooting Steps

1. Check Proxy Status

  • Log in to Cloudflare dashboard
  • Go to DNS → Records
  • Find your tracking subdomain A Record
  • Check cloud icon color:
    • Orange: Proxy enabled (WRONG - must disable)
    • Grey: DNS Only (CORRECT)

2. Disable Proxy if Needed

  • Click the orange cloud icon
  • It should turn grey (DNS Only)
  • Wait 1-2 minutes
  • Verify change is saved

3. Verify DNS Propagation

  • Use DNS checker tool
  • Verify domain resolves to ServerTrack IP
  • Wait if propagation is incomplete
  • Retry domain verification

4. Retry Domain Verification

  • Go to ServerTrack dashboard
  • Navigate to Domain Setup
  • Click "Verify Domain"
  • Should succeed with DNS Only mode enabled

Main Domain vs Tracking Subdomain

Important distinction:

  • Main Domain (yoursite.com): Can use Cloudflare proxy (orange cloud) - doesn't affect ServerTrack
  • Tracking Subdomain (data.yoursite.com): MUST use DNS Only (grey cloud) - required for ServerTrack

You can use different settings for different subdomains. The tracking subdomain specifically needs DNS Only mode.

Prevention Tips

  • Always Check Proxy Status: When adding DNS records, ensure cloud icon is grey
  • Double-Check After Changes: Verify proxy is still disabled after any Cloudflare changes
  • Document Settings: Note that tracking subdomain requires DNS Only mode
  • Test After Configuration: Verify domain resolves correctly before verification

Common Mistakes

  • Forgetting to Disable Proxy: Most common mistake - forgetting to click the cloud icon
  • Enabling Proxy Later: Accidentally enabling proxy after initial setup
  • Wrong Record Type: Using CNAME instead of A Record (ServerTrack requires A Record)
  • Wrong IP Address: Pointing to wrong ServerTrack IP address

When to Contact Support

Contact ServerTrack support if:

  • Domain verification fails even with DNS Only mode enabled
  • DNS resolves correctly but SSL certificate doesn't generate
  • You've followed all steps but still experiencing issues
  • You need assistance verifying Cloudflare configuration

Summary

Cloudflare configuration for ServerTrack:

  • Required: DNS Only mode (grey cloud) for tracking subdomain
  • Not Allowed: Proxy mode (orange cloud) for tracking subdomain
  • Use A Record: Not CNAME
  • Point to ServerTrack IP: Correct IP address from dashboard

Key steps:

  • Add A Record with tracking subdomain
  • Ensure cloud icon is grey (DNS Only)
  • Wait for DNS propagation
  • Verify domain in ServerTrack
  • SSL certificate generates automatically

Remember: The tracking subdomain specifically needs DNS Only mode. Your main domain can use proxy mode without affecting ServerTrack.

For more information, see our Domain Verification Troubleshooting and SSL Certificate Issues guides.

Was this article helpful?

Please log in to provide feedback on this article.