Monitor websites behind CDN with changing IP addresses


We have a scenario with an organization that runs multiple web-facing systems (websites / web-applications) and they switched to Cloudflare recently and use their CDN / WAF product. When they did so, we just changed the affected services to be part of a “fake host”.

Now over the weeks we’ve seen that they repeatedly change the IP addresses they publish for those web applications which led to
a) our “does DNS for xy.foobar.tld point to x.x.x.x”-checks obviously failed
b) our HTTP checks were still OK, but executed against the old IP address from within the host object, not the current one to which the domain/subdomain currently resolves to.

My initial thought would be to just not create the DNS checks, that would resolve a) - but would still not resolve problem b).

What are you guys doing to monitor such stuff behind a CDN when the CDN changes the IP addresses from time to time?

Cheers, Mario

Don’t use IP but FQDN in the host argument of the check, if the IP isn’t stable?

1 Like

Thanks @rivad

We’ve now configured the http checks to not only set http_vhost to the domain/subdomain that is about to be tested, but also the http_host to the same domain/subdomain. This way it works, independent of the IP address.

1 Like