How to add, remove and bypass common DNS records in CloudFlare?

This article will guide you how to add, remove and bypass common DNS records in CloudFlare.

CloudFlare allows you to manage all common DNS records like A, MX, NS, TXT, CNAME, etc. of your domain. If you have already added your website on CloudFlare, you can refer this article to manage different DNS records on CloudFlare. If no, you can refer to the following article to add a new website to your CloudFlare account.

How to Enable Free SSL Certificate From CloudFlare Panel

Following are the steps to manage different DNS records from CloudFlare. We believe that you have Logged into your Cloudflare account.

Select the DNS icon from the CloudFlare top menu.

A record:

An A record is the pointer record which is used to point your website to a server. It indicates the IP address of a given domain. ‘A’ records only hold Ipv4 addresses, if the site has an Ipv6 address, it will instead use an ‘AAAA’ record.

  1. Select the A record type from the record type drop-down on the left-hand side.
  2. Enter the record Name and IPv4 address.

    01-add-A-record-in-cloudflare

  3. Click Add Record to finish adding the record.

NS record:

The NS records are used to locate DNS zone of your website. It stores the nameserver for a DNS entry. NS stands for ‘nameserver’ and this record indicates which DNS server is authoritative for that domain (which server contains the actual DNS records). A domain will often have multiple NS records which can indicate primary and backup name servers for that domain.

  1. Select the NS record type from the record type drop-down on the left-hand side.
  2. Enter the record Name and Nameserver.

    02-add-NS-record-in-cloudflare

  3. Click Add Record to finish adding the record.

TXT record:

The TXT record is the text record ( also known as Sender Policy Framework - SPF record) which is used to identify which email server is allowed to send emails from the domain. The ‘text’ record lets a domain administrator enter text into the DNS record, as it was originally intended as a place for human-readable notes. One domain can have many TXT records and they are commonly used for Sender Policy Framework (SPF) codes that help an email server determine if a message is from a trusted source, as well as ownership verification of a domain.

  1. To add a TXT record click on TXT Record type.

    03-add-TXT-record-in-cloudflare

  2. Under DNS Records, complete the fields for your TXT record.
  3. i.e. TXT Record: v=spf1 a:mail.domain.com ~all.

    04-add-txt-content-in-cloudflare

  4. Click Add Record.

CNAME record:

The CNAME is the canonical record which is an alias for your domain name. It forwards one domain or subdomain to another domain, does NOT provide an IP address.

  1. Select CNAME from record type drop-down menu, specify the record Name and Record Data.

    05-add-cName-record-in-cloudflare

  2. Click Add Record.

MX record:

The MX record is the mail exchange record which is required for the email service. MX records are used to specify the mail server that is responsible for accepting email messages on behalf of a recipient’s domain. MX records can be created in the DNS settings of your Cloudflare dashboard. Cloudflare operates as an HTTP/S proxy and currently does not proxy mail ports.

From the drop-down, select MX as the record type.

06-add-MX-record-in-cloudflare

  1. Keep record Name field blank.
  2. In the next text box (it says Click to configure), click to open the Add Record dialog.

    07-add-MX-content-in-cloudflare

  3. Type the address of the mail server in Server field and set the Priority to 10.
  4. Click on Save button.
  5. Now, Click Add Record.


Cloudflare does not proxy traffic on port 25 (SMTP).
If Cloudflare is not disabled for the MX records, mail delivery might not be successful.
Make sure your mail records are grey-clouded on Cloudflare.



 

WHAT SUBDOMAIN RECORDS ARE APPROPRIATE FOR ORANGE / GRAY CLOUDS?



An orange cloud means your web traffic is running through Cloudflare making your site faster, safer and smarter. A gray cloud means your web traffic is not running through Cloudflare.

Only A and CNAME over web traffic ports (such as 80 and 443) records have the option to be powered by Cloudflare, meaning that only A, AAAA, and CNAME records have the option of an orange cloud.

However, not all A, AAAA, and CNAME records are appropriate to pass through Cloudflare. Cloudflare makes suggestions for which records should be orange, but you can easily change this by clicking on the cloud. To decide which records pass through the Cloudflare network, you need to understand what type of content appears on that subdomain. You should enable Cloudflare for any subdomain that gets web traffic.

You should not enable Cloudflare for subdomains that handle non-web traffic, such as Mail, FTP, and SSH. These types of records should be marked by a gray cloud . To view these options for Cloudflare protection, please go to Your Website -> Menu -> DNS Settings.

TO DISABLE (BYPASS) A DNS RECORD

  1. Click on (orange cloud icon) of the record for you want to bypass CloudFlare (For such DNS record like Mail A record of MX, FTP etc.).
  2. Once you click on the (orange cloud icon), it turns to the gray cloud .
  3. If there are any additional records you'd like to disable, you can disable them from here.

    08-disabled-DNS-in-cloudflare

TO REMOVE A DNS RECORD

  1. Click “X” button left-hand side of a record row.

    09-to-remove-record-in-cloudflare

  2. In the confirmation box click OK.

    10-ask-for-the-confirmation-cloudflare


  • 0 Users Found This Useful

Was this answer helpful?

Related Articles

How to Enable Free SSL Certificate From CloudFlare Panel?

CloudFlare provides free SSL certificate to encrypt the data transmission between browser and web...

How to redirect cPanel/Webmail to encrypted connection [SSL]?

When you want to transmit sensitive information over the Internet, you should use HTTPS instead...

How to generate CSR key and install SSL certificate on IIS 8?

SSL (Secure Sockets Layer) is an encryption technology, which creates an encrypted connection...

Do you provide Extended Validation Certificate?

No, we do not provide Extended Validation Certificate. However, we do provide the following SSL...

Does Rapid SSL certificate provide 128 bit encryption OR 256 bit encryption?

The actual encryption strength on a secure website connection enabled by a digital SSL...