Managing DNS records in Cloudflare

Learn the purpose of common DNS records and how you can add or delete those records at Cloudflare.  To configure your site on Cloudflare successfully, you add domains and add subdomains via DNS records.


What is DNS?

DNS translates domain names to IP addresses and that's why it is often called the "phonebook of the Internet."  For details on DNS and its purpose on the Internet, visit our what is DNS learning center.


Adding DNS records

When you first add a domain to Cloudflare, a scan of common DNS records is performed in a attempt to add all of the domain's DNS records to the Cloudflare DNS app automatically. If you need to add records manually for a domain, follow the procedure below:

If your domain is added to Cloudflare via one of our hosting partners, you must manage your DNS records via the hosting partner. In this case, the Cloudflare DNS app adds a note informing customers where to manage DNS instead of using the Cloudflare DNS wizard.

1. Log in to the Cloudflare dashboard.

2. Click the appropriate Cloudflare account for the domain where you will add records.

3. Ensure the proper domain is selected.

4. Click the DNS app.

5. The UI interface for adding DNS records appears under DNS Records:

DNS-Wizard.png

6. Replace Name with a subdomain or the root domain.

Per Internet standards, Name must:
  • be 63 characters or less,
  • start with a letter,
  • end with a letter or digit,
  • and contain only letters, digits, or a hyphen as the interior characters.

Additionally, Cloudflare allows an underscore _ in the A and CNAME record Name since some modern web services support an underscore. However, Cloudflare discourages using underscores due to limited browser support.

7. (Optional) Some record types such A, AAAA, and CNAME allow a customer to toggle the Cloudflare proxy on or off.  For the Cloudflare Proxy Toggle:

  • An orange cloud icon proxies traffic through Cloudflare for the DNS record Name. 
  • grey cloud icon ensures traffic for the DNS record Name is not proxied to Cloudflare.  Cloudflare still serves DNS for a grey clouded DNS record, but no other Cloudflare features such as SSL, page rules, caching, WAF, etc are applied.
Grey cloud icons for A, AAAA, or CNAME records will expose your origin IP address to attackers and allows them to attack your origin IP address directly even if you later proxy traffic to Cloudflare.  Direct attacks to your origin IP are only mitigated by asking your hosting provider to change your origin IP address.

8. The Type selection defaults to A records.  Expand the DNS record types in the tables below for further instructions pertaining to each record type:

To ensure visitor traffic reaches a domain, a domain requires at least an A or AAAA record to point to the origin web server IP address or a CNAME record that points to the hostname of a hosting service.

Critical DNS records for IP address resolution:

DNS records for email and email authentication:

Specialized DNS records:

For questions about a DNS record not listed in the table above, visit our Learning Center.

Cloudflare can proxy certain DNS records. Please visit our guide on which records are appropriate to proxy.


Deleting DNS records

1. Log in to the Cloudflare dashboard.

2. Click the appropriate Cloudflare account for the domain where you will delete records.

3. Ensure the proper domain is selected.

4. Click the DNS app.

5. Under DNS Records, click X to delete a specific DNS record.


Related resources

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Powered by Zendesk