How does the tool detect that a site is behind Cloudflare?
It checks several signals: nameservers ending in .ns.cloudflare.com, the resolved IP falling inside published Cloudflare ranges, specific HTTP response headers like cf-ray and server: cloudflare, and the presence of Cloudflare-specific cookies. Combining these signals catches both DNS-only and full-proxy customers. The detector reports each indicator separately so you can see exactly why a site was identified as a Cloudflare property.
Why would someone want to know if a site uses Cloudflare?
Cloudflare hides the origin server's IP, so security researchers, ops teams, and competitive analysts often want confirmation before deciding how to inspect a target. Knowing a site is on Cloudflare also informs decisions about caching, rate-limiting, and whether traditional uptime probes against the IP will work. Some integrations and audits require disclosure of CDN usage, and the detector provides quick documentation.
Does using Cloudflare hide my real server completely?
It hides the IP from casual lookups, but determined investigators can sometimes uncover the origin through historical DNS records, SSL certificate transparency logs, email headers, misconfigured subdomains that bypass the proxy, or shared hosting fingerprints. To stay hidden, lock down origin firewall rules to accept only Cloudflare IPs, scrub historical DNS data where possible, and avoid exposing the origin in non-proxied subdomains.
What is the difference between proxied and DNS-only Cloudflare?
A proxied record routes traffic through Cloudflare's edge, providing caching, WAF, and DDoS protection while hiding the origin IP. A DNS-only record uses Cloudflare just to answer queries; the response contains the origin IP directly. The detector distinguishes the two because DNS-only customers do not benefit from the proxy and are visible to anyone who runs a basic DNS lookup.
Do all Cloudflare features work with the proxy turned off?
No. Caching, WAF, rate limiting, bot management, image optimization, and most security features require the orange cloud, meaning the record is proxied. DNS-only mode still gives you fast resolution and DNSSEC, but skips everything edge-related. Many performance complaints turn out to be records inadvertently flipped to DNS-only. The detector helps confirm that critical hostnames are still proxied as intended.
Is Cloudflare always the right choice?
Cloudflare is excellent for global static sites, public APIs, and anything that benefits from edge caching and DDoS protection. It is less ideal for highly regulated traffic that cannot transit a third-party network, sites that depend on the visitor's real IP without configuration, or workloads where any TLS termination at the edge is forbidden. Evaluate your privacy and compliance needs before enabling proxying.
