Skip to content
Cloudflare Docs

Add a site

Follow these steps to onboard your website or application to Cloudflare. Once your domain is active, your web traffic will proxy through Cloudflare, which speeds up and protects websites and services on your domain.

Cloudflare will become the primary DNS provider for your domain, meaning your DNS records are managed at Cloudflare, and we authoritatively answer all DNS queries.

Prerequisites

To onboard a website or application to Cloudflare, you need to own the domain name (example.com).

If you do not already own a domain and plan to use Cloudflare for your authoritative DNS, we highly recommend purchasing your domain name through Cloudflare Registrar. This simplifies your setup process by automatically using Cloudflare for authoritative DNS.

If you are onboarding an existing domain to Cloudflare, make sure DNSSEC is disabled at your registrar (where you purchased your domain name). Otherwise, your domain will experience connectivity errors when you change your nameservers.

Provider-specific instructions

This is not an exhaustive list of how to update DS records in other providers, but the following links may be helpful:

Why you have to disable DNSSEC

When your domain has DNSSEC enabled, your DNS provider digitally signs all your DNS records. This action prevents anyone else from issuing false DNS records on your behalf and redirecting traffic intended for your domain.

However, having a single set of signed records also prevents Cloudflare from issuing new DNS records on your behalf (which is part of using Cloudflare for your authoritative nameservers). So if you change your nameservers without disabling DNSSEC, DNSSEC will prevent Cloudflare's DNS records from resolving properly.

1. Add site in Cloudflare

  1. Log in to the Cloudflare dashboard.

  2. Select Add a domain.

  3. Enter your website's apex domain (for example, example.com), choose how you would like to add your DNS records, and select Continue.

  4. Select a plan.

  5. Make sure we have all of your DNS records.

    Cloudflare can automatically scan for common records and add them to the DNS zone for you, or you can add records manually. These records show up under your domain on the DNS > Records page of the dashboard.


    1. Since the quick scan is not guaranteed to find all existing DNS records, you need to review your records, paying special attention to the following:

      • Zone apex records (example.com)

        More about zone apex records

        Zone apex refers to the domain or subdomain that you are adding to Cloudflare.

        Usually, the zone apex record makes your domain accessible by visitors. In this case, the necessary record type (A, AAAA, or CNAME) and its content will depend on the provider that hosts your website or application.

        If you are using Cloudflare Pages, refer to Custom domains.

        If you are using other providers, look for their guidance on how to connect domains managed on external DNS services. Then, make sure you have the records required by your hosting provider on your DNS records table at Cloudflare.

      • Subdomain records (www.example.com or blog.example.com)

        More about subdomain records

        Most subdomains serve a specific purpose within the overall context of your website. For example, blog.example.com might be your blog, support.example.com could be your customer help portal, and store.example.com would be your e-commerce site.

        Even if you do not require specific subdomains, you might want to set up at least the www subdomain. It will usually point to the same content as what you have on the apex domain (example.com) or use a redirect. Having a DNS record on the www subdomain helps guarantee that a visitor who types www. in front of your domain address on their browser can still find your website or application.

      • Email records

        More about email records

        Depending on your business needs, you can configure DNS records so that you can use your domain to receive emails, receive and send emails from your domain, or prevent others from sending emails on your behalf (spoofing).

        Below are some examples of what those DNS records might look like. The exact values for your DNS mail records depend on your email provider. If you have issues, review the Troubleshooting and contact your email service provider to confirm your DNS records are correct.

        TypeNameContentProxy statusTTL
        Amail192.0.2.1DNS OnlyAuto
        MXexample.com5 john.mx.example-server.testDNS OnlyAuto
        TXT_dmarc"v=DMARC1; p=reject; sp=...DNS OnlyAuto
        TXT*._domainkey"v=DKIM1; k=rsa; p=..."DNS OnlyAuto
        TXTexample.com"v=spf1 ip4:..."DNS OnlyAuto

    2. If you find any missing records, manually add those records.

    3. Depending on your site setup, you may want to adjust the proxy status for certain A, AAAA, or CNAME records.

    4. Select Continue.

2. Update nameservers

Once you have added a domain (also known as a zone) to Cloudflare, that domain will receive two assigned authoritative nameservers.


Before your domain can begin using Cloudflare for DNS resolution, you need to add these nameservers at your registrar. Make sure DNSSEC is disabled at this point.

3. Complete SSL/TLS setup

To prevent insecure connections and visitor browser errors, make sure you have SSL/TLS protection.

4. Go beyond the basics

Many Cloudflare services will automatically protect and speed up your web traffic once your nameservers are updated. To customize how we process your traffic and to get more out of Cloudflare, refer to our basic tasks.