How do I do CNAME setup?

CNAME setup is a manual process available to paid Cloudflare plans only at the Business or Enterprise plan level.

With CNAME setup, authoritative DNS remains elsewhere, and one or more CNAMEs are delegated to Cloudflare for acceleration and security.

Learn more about Cloudflare's DNS

Interested in CNAME setup?

First, contact Cloudflare with the domain you would like to set up via CNAME.

Use the subject line "CNAME setup <domain>" for faster review.

Allowing for CNAME setup is entirely at the discretion of Cloudflare. We're always curious to learn how we can improve our DNS to meet your needs.

If approved for CNAME setup - per our review process and policies - the process is described below.


  1. Create a Cloudflare account and start adding your website, following the normal process.

  2. STOP at Step 4 of the setup, where the website instructions ask you to change your nameservers. Do not change your nameservers.

  3. Respond to your Cloudflare ticket with the domain name, the account email address. The Business and Enterprise plans offer custom cert upload, but you'll also have a Cloudflare-issued wildcart cert which may need extra verification step for CNAME setup.

  4. unique TXT record will be emailed to you by your Cloudflare contact.

  5. Add the TXT record to your authoritative DNS on the root record, with the subdomain host (replace, of course). The TXT record value will be a number (e.g. 856172357-3825555). Leave this TXT record in place.

  6. Cloudflare will verify the presence of the TXT record automatically and email you confirmation of completion. (This may take a few hours.)

  7. Add CNAME(s) to your authoritative DNS provider following the format provided (more detail below).

  8. You're done!



All requests accelerated and protected by Cloudflare will come from the Cloudflare IP addresses. Please make sure to whitelist all Cloudflare's IPs -- if you throttle or rate-limit these requests, your website will appear to be offline.

To see the original visitor IP address, we recommend installing mod_cloudflare to pull the original visitor IP address from the HTTP headers included with every request.

In Step 2 of adding your website, toggle the clouds to orange for the subdomain(s) you want Cloudflare enabled for. For the other subdomains, mark them as gray.

Limitations of CNAME setup

Domains using CNAME setup have two limitations:

  1. The DDOS protection for attacks against DNS infrastructure is only available for the delegated records.

  2. Cloudflare's security and acceleration benefits are only available on delegated subdomains, such as The root domain, such as, cannot be protected or accelerated via Cloudflare. This is due to DNS RFCs.

To send root domain traffic to Cloudflare, you may add a redirect on your webserver (.htaccess file or similar) to forward traffic to the subdomains proxied by Cloudflare.

CNAME Format

When you reach Step 7 above, after verification of your TXT record is complete, use these formats.

The edit to the CNAME on your authoritiative DNS editor (not in Cloudflare's DNS settings) is to append to the entire hostname. The format of the CNAME record will be like this: CNAME

You can add one or as many CNAMEs as you like to your authoritative DNS. Make sure there is a corresponding record in the Cloudflare DNS Settings that is marked with an orange cloud. Make sure the record(s) you want are enabled by toggling the clouds to orange. Replace EXAMPLE.COM with your domain in the URLs below.

The logical flow of a CNAME lookup is shown in the diagram below:



Cloudflare Settings

Decide on your Cloudflare Settings. The defaults are fine, but you can start to get a feel for the options. Replace EXAMPLE.COM with your domain in the URL below.

More on SSL

If you need the Cloudflare-issued SSL with CNAME setup, you must always have CNAME verification records in place to verify the domain, you can use this Cloudflare API call to obtain SSL verification CNAME records to trigger the certificate to be issued.

You may also upload your custom SSL certification as a Business or Enterprise customer.

Turning Cloudflare Off

Once the record is live, you'll have two ways to disable Cloudflare, if you ever need to.

1) On the Cloudflare DNS Settings page, disable the proxy (click the cloud to Grey). You'll still use Cloudflare DNS for that record, if your authoritative DNS doesn't change, but it will be DNS only: you will receive no security or acceleration benefits from using Cloudflare.

2) Remove the CNAME record pointing to Cloudflare from your authoritative DNS.

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk