How do I do CNAME setup?

CNAME setup is a manual process available to paid CloudFlare plans only at the Business or Enterprise plan level.

With CNAME setup, authoritative DNS remains elsewhere, and one or more CNAMEs are delegated to CloudFlare for acceleration and security.

Learn more about CloudFlare's DNS

Interested in CNAME setup?

First, contact CloudFlare with the domain you would like to set up via CNAME.

Use the subject line "CNAME setup <domain>" for faster review.

Allowing for CNAME setup is entirely at the discretion of CloudFlare. We're always curious to learn how we can improve our DNS to meet your needs.

If approved for CNAME setup - per our review process and policies - the process is described below.

Limitations of CNAME setup

Domains using CNAME setup have two limitations:

1. The DDOS protection for attacks against DNS infrastructure is only available for the delegated records.

2. CloudFlare's security and acceleration benefits are only available on delegated subdomains, such as www.example.com. The root domain, such as example.com, cannot be protected or accelerated via CloudFlare. This is due to DNS RFCs.

To send root domain traffic to CloudFlare, you may add a redirect on your webserver (.htaccess file or similar) to forward traffic to the subdomains proxied by CloudFlare.. 

Overview

1 -- Create a CloudFlare account and start adding your website, following the normal process.

2 -- STOP at Step 4 of the setup, where the website instructions ask you to change your nameservers. Do not change your nameservers.

3 -- Respond to your CloudFlare ticket with the domain name, the account email address, and whether you need SSL or not. The Business and Enterprise plans offer custom cert upload, but you'll also have a CloudFlare-issued wildcart cert which may need extra verification step for CNAME setup.

4 -- Your CloudFlare contact will email you a unique TXT record.

5 -- Add the TXT record to your authoritative DNS on the root record, with the subdomain host cloudflare-verify.example.com (replace example.com, of course). The TXT record value will be a number (e.g. 856172357-3825555).
Leave this TXT record in place.

6 -- CloudFlare's automated checker will verify the presence of the TXT record and email you confirmation of completion. (May take a few hours.

7 -- Add CNAME(s) to your authoritative DNS provider following the format provided (more detail below).

8 -- You're done!

Important

All requests accelerated and protected by CloudFlare will come from the CloudFlare IP addresses. Please make sure to whitelist all CloudFlare's IPs -- if you throttle or rate-limit these requests, your website will appear to be offline.

To see the original visitor IP address, we recommend installing mod_cloudflare to pull the original visitor IP address from the HTTP headers included with every request.

In Step 2 of adding your website, toggle the clouds to orange for the subdomain(s) you want CloudFlare enabled for. For the other subdomains, mark them as gray.

CNAME Format

When you reach Step 7 above, after verification of your TXT record is complete, use these formats.

The edit to the CNAME on your authoritiative DNS editor (not in CloudFlare's DNS settings) is to append .cdn.cloudflare.net to the entire hostname. The format of the CNAME record will be like this:

www.domain.com CNAME www.domain.com.cdn.cloudflare.net

You can add one or as many CNAMEs as you like to your authoritative DNS. Make sure there is a corresponding record in the CloudFlare DNS Settings that is marked with an orange cloud. Make sure the record(s) you want are enabled by toggling the clouds to orange. Replace EXAMPLE.COM with your domain in the URLs below.

https://www.cloudflare.com/dns-settings.html?z=EXAMPLE.COM

The logical flow of a CNAME lookup is show in the diagram below:

cname.png

 

CloudFlare Settings

Decide on your CloudFlare Settings. The defaults are fine, but you can start to get a feel for the options. Replace EXAMPLE.COM with your domain in the URL below.

https://www.cloudflare.com/cloudflare-settings.html?z=EXAMPLE.COM

More on SSL

If you need the CloudFlare-issued SSL with CNAME setup, there may be an extra manual step, unless one of the CNAMEs chosen is www.

If you use a different CNAME than www, ask your CloudFlare contact for the SSL verification meta tag which will need to be placed temporarily on your site at the root domain or www. You may also upload your custom SSL certification as a Business or Enterprise customer.

Turning CloudFlare Off

Once the record is live, you'll have two ways to disable CloudFlare, if you ever need to.

1) On the CloudFlare DNS Settings page, disable the proxy (click the cloud to Grey). You'll still use CloudFlare DNS for that record, if your authoritative DNS doesn't change, but it will be DNS only: no security or acceleration or other CloudFlare benefits.

2) Remove the CNAME record pointing to CloudFlare from your authoritative DNS.

Have more questions? Submit a Request

Comments

Article is closed for comments.