CNAME setup is a manual process generally available to paid CloudFlare plans only, at the Business level or higher, where authoritative DNS remains elsewhere, and one or more CNAMEs are delegated to CloudFlare for acceleration and security.
Interested in testing CNAME setup?
First, contact CloudFlare with the domain you would like to test CNAME with via our Support site.
Use the subject line "CNAME setup <domain>" for faster review.
Allowing for CNAME setup is entirely at the discretion of CloudFlare. We're always curious to learn how we can improve our DNS to meet your needs.
If approved for CNAME setup - per our review process and policies - the process is described below.
1 -- Create a CloudFlare account and start adding your website, following the website instructions.
2 -- STOP at Step 4 of the setup, where the website instructions ask you to change your nameservers. Do not change your nameservers.
3 -- Respond to your CloudFlare ticket with the domain name, the account email address, and whether you need SSL or not. The Business and Enterprise plans offer custom cert upload, but you'll also have a CloudFlare-issued wildcart cert which may need extra verification step for CNAME setup.
4 -- Your CloudFlare contact will email you a unique TXT record.
5 -- Add the TXT record to your authoritative DNS, with the subdomain host cloudflare-verify.example.com (replace example.com, of course). The TXT record value will be a number (e.g. 856172357-3825555).
6 -- CloudFlare's automated checker will verify the presence of the TXT record and email you confirmation of completion. (May take a few hours.)
7 -- Add CNAME(s) to your authoritative DNS provider following the format provided (more detail below).
8 -- You're done!
All requests accelerated and protected by CloudFlare will come from the CloudFlare IP addresses. Please make sure to whitelist all CloudFlare's IPs
If you throttle or rate-limit these requests, your website will appear to be offline.
To see the original visitor IP address, we recommend installing mod_cloudflare to pull the original visitor IP address from the HTTP headers included with every request.
Limit of CNAME signup
CNAME setup can only work for CNAME subdomains (DNS RFC Compliance). If you want to protect an A record like your root domain then you will have to add a redirect in your .htaccess file to forward that traffic to the record we are proxying.
When going through the CloudFlare sign up, we advise making sure your full zone record is copied, even though you won't be moving authoritative DNS to CloudFlare during this process.
In Step 2 of adding your website, toggle the clouds to orange for the subdomain(s) you want CloudFlare enabled for. For the other subdomains, mark them as gray.
When you reach Step 7 above, after verification of your TXT record is complete, use these formats.
The edit to the CNAME on your authoritiative DNS editor (not in CloudFlare's DNS settings) is to append .cdn.cloudflare.net. The format of the CNAME record will be like this:
<domain> CNAME <domain>.cdn.cloudflare.net
www.example.com CNAME www.example.com.cdn.cloudflare.net
You can add one or as many CNAMEs as you like to your authoritative DNS.
Make sure there is a corresponding record in the CloudFlare DNS Settings that is marked with an orange cloud. Make sure the record(s) you want are enabled by toggling the clouds to orange. Replace EXAMPLE.COM with your domain in the URLs below.
The logical flow of a CNAME lookup is show in the diagram below:
Decide on your CloudFlare Settings. The defaults are fine, but you can start to get a feel for the options. Replace EXAMPLE.COM with your domain in the URL below.
More on SSL
If you need the CloudFlare-issued SSL with CNAME setup, there may be an extra manual step, unless one of the CNAMEs chosen is www.
If you use a different CNAME, ask your CloudFlare contact for the SSL verification meta tag which will need to be placed temporarily on your site at the root domain or www. You may also upload your custom SSL certification (Business and Enterprise customers only).
Turning CloudFlare Off
Once the record is live, you'll have two ways to disable CloudFlare, if you ever need to.
1) On the CloudFlare DNS Settings page, disable the proxy (click the cloud to Grey). You'll still use CloudFlare DNS for that record, if your authoritative DNS doesn't change, but it will be DNS only: no security or acceleration or other CloudFlare benefits.
2) Remove the CNAME record pointing to CloudFlare from your authoritative DNS.