I have an uncommon setup that is producing a strange issue.
My domain is using Cloudflare DNS with my apex domain pointing to a CloudFront distribution (with Cloudflare proxying enabled). Depending on the request that CloudFront receives, it may decide to forward it to my Node.js server (hosted with Render).
To verify my custom domain with Render, I temporarily set the CNAME of my apex domain to equal the *.onrender.com
domain that points to my Node.js server. After a SSL certificate was issued, I switched the DNS back to my CloudFront distribution (and Cloudflare proxying still enabled).
But now, certain requests to my custom domain are being handled by my Node.js server directly (as in, not going through CloudFront) when they shouldn’t be. My suspicion is that it’s related to Render using Cloudflare for DDOS protection, and so Cloudflare is getting confused.
edit: When I disable Cloudflare proxying, the once broken requests work as expected, so it’s definitely Cloudflare getting confused.