Unexpected DNS records
You find several unexpected DNS records after adding your domain to Cloudflare.
A wildcard (*) record at your previous authoritative DNS provider may have been imported into Cloudflare in a way that creates additional records.
To solve this issue, you can do one of the following:
-
Remove and re-add your domain:
- Remove your domain from Cloudflare.
- Delete the wildcard record from your authoritative DNS.
- Re-add the domain.
You might notice TXT records like _acme-challenge.<hostname> are returned by your domain but cannot be found on the DNS tab of your Cloudflare dashboard.
These records are automatically created to allow Cloudflare edge certificates (universal, advanced, and backup) to be provisioned. _acme-challenge records are required by certificate authorities (CAs) so that they can verify your domain ownership before issuing the SSL/TLS certificate. For details, refer to Domain control validation (DCV).
As these records are tied to the certificates, they cannot be deleted from the DNS tab of your Cloudflare dashboard.
If you need more _acme-challenge.<hostname> TXT records in order to provision certificates on your side, you can manually add them under DNS records ↗.
If you want to remove these records:
- Disable Universal SSL to remove the records related to universal and backup certificates.
- Delete advanced certificates to remove the records related to advanced certificates.
You notice DNS queries returning incorrect results even after you waited for the TTL to expire.
Third-party tools can sometimes fail to return correct DNS results if a recursive DNS cache fails to refresh.
In this circumstance, purge your public DNS cache via these methods:
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Directory
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2026 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark
-
