Candid

Cloudflare's CNAME Cross-User Banned policy is a security measure that prevents a domain configured as a CNAME from pointing to a hostname in a different Cloudflare account. This policy protects websites from domain hijacking and misconfiguration that could lead to service disruption or security breaches. It enforces that CNAME records stay within the same account, ensuring that only authorized users can manage DNS settings.

• Cross-Account Protection: Blocks CNAME records that resolve to a hostname owned by another Cloudflare account, preventing unauthorized domain mapping.
• Error 1014 Feedback: When triggered, users see a clear error page (Error 1014) explaining the violation and suggesting corrective actions.
• R2 Custom Domain Support: For R2 buckets, the policy correctly handles initialization delays and guides users to set up custom domains properly.
• Security Policy Enforcement: Aligns with Cloudflare's terms of service to maintain account isolation and prevent DNS abuse.
• User Guidance: Provides actionable steps, such as checking custom domain setup or contacting support, reducing resolution time.