Add multiple sites via automation
To add multiple sites to Cloudflare at once and more efficiently, you can do so via the Cloudflare API.
Adding multiple sites can be useful when you:
- Have multiple domains mapping back to a single, canonical domain (common for domains in different countries - such as
.com.au,.co.uk- that you want protected by Cloudflare). - Are a partner, agency, or IT consultancy, and manage multiple domains on behalf of your customers.
- Are moving an existing set of sites over to Cloudflare.
Using the API will allow you to add multiple sites quickly and efficiently, especially if you are already familiar with how to change your name-servers or add a DNS record.
This tutorial assumes domains will be added using full mode.
Prerequisites
To add multiple sites to Cloudflare via automation, you need:
- An existing Cloudflare account.
- Command line with
curl - A Cloudflare API token with one of the following permissions:
- Zone-level
Administrator - Zone-level
Zone: EditandDNS: Edit - Account-level
Domain Administrator
- Zone-level
- To have disabled DNSSEC for each domain at your registrar (where you bought your domain name).
- Follow this tuorial to migrate an existing DNS zone without having to disable DNSSEC
Provider-specific instructions
This is not an exhaustive list of how to update DS records in other providers, but the following links may be helpful:
Add domains
- Create a list of domains you want to add, each on a separate line (newline separated), stored in a file such as
domains.txt. - Create a bash script
add-multiple-zones.shand add the following. Adddomains.txtto the same directory or update its path accordingly.
for domain in $(cat domains.txt); do printf "Adding ${domain}:\n"
curl https://api.cloudflare.com/client/v4/zones \ -H 'Content-Type: application/json' \ -H 'X-Auth-Email: <CLOUDFLARE_EMAIL>' \ -H 'X-Auth-Key: <CLOUDFLARE_API_KEY>' \ --data '{ "account": { "id":"<ACCOUNT_ID>" }, "name": "'"$domain"'", "type": "full" }' printf "\n\n" done- Open the command line and run:
bash add-multiple-zones.shAfter adding a domain, it will be in a Pending Nameserver Update state.
Additional options
jq
jq is a command-line tool that parses and beautifies JSON outputs.
This tool is a requirement to complete any Additional options steps in this tutorial.
echo '{"foo":{"bar":"foo","testing":"hello"}}' | jq .Refer to jq documentation for more information.
Quick scan
Cloudflare offers a quick scan that helps populate a zone’s DNS records. This scan is a best effort attempt based on a predefined list of commonly used record names and types.
This API call requires the domain ID. This can be found in the following locations:
Using jq with the first option above, modify your script add-multiple-zones.sh to extract the domain ID and run a subsequent API call to quick scan DNS records.
for domain in $(cat domains.txt); do printf "Adding ${domain}:\n"
add_output=`curl https://api.cloudflare.com/client/v4/zones \ -H 'Content-Type: application/json' \ -H 'X-Auth-Email: <CLOUDFLARE_EMAIL>' \ -H 'X-Auth-Key: <API_KEY>' \ --data '{ "account": { "id":"<ACCOUNT_ID>" }, "name": "'"$domain"'", "type": "full" }'`
echo $add_output | jq .
domain_id=`echo $add_output | jq -r .result.id`
printf "\n\n" printf "DNS quick scanning ${domain}:\n"
scan_output=`curl -X POST https://api.cloudflare.com/client/v4/zones/$domain_id/dns_records/scan \ -H 'Content-Type: application/json' \ -H 'X-Auth-Email: <CLOUDFLARE_EMAIL>' \ -H 'X-Auth-Key: <API_KEY>'`
echo $scan_output | jq .
done Update nameservers
For each domain to become active on Cloudflare, it must be activated in either Full setup or Partial setup. The following script will output a list containing the nameservers associated with each domain.
You can find your zones nameservers in the following locations:
- Modify your script
add-multiple-zones.shto print a CSV with data from theCreate ZoneJSON response.
for domain in $(cat domains.txt); do printf "Adding ${domain}:\n"
add_output=`curl https://api.cloudflare.com/client/v4/zones \ -H 'Content-Type: application/json' \ -H 'X-Auth-Email: <CLOUDFLARE_EMAIL>' \ -H 'X-Auth-Key: <API_KEY>' \ --data '{ "account": { "id":"<ACCOUNT_ID>" }, "name": "'"$domain"'", "type": "full" }'`
# Create csv of nameservers echo $add_output | jq -r '[.result.name,.result.id,.result.name_servers[]] | @csv' >> /tmp/domain_nameservers.csv
domain_id=`echo $add_output | jq -r .result.id`
printf "\n\n" printf "DNS quick scanning ${domain}:\n"
scan_output=`curl -X POST https://api.cloudflare.com/client/v4/zones/$domain_id/dns_records/scan \ -H 'Content-Type: application/json' \ -H 'X-Auth-Email: <CLOUDFLARE_EMAIL>' \ -H 'X-Auth-Key: <API_KEY>'`
echo $scan_output | jq .
done
printf "name_servers are saved in /tmp/domain_nameservers" cat /tmp/domain_nameservers.csv| ID | ZONE | NAME SERVERS |
|---|---|---|
| <ZONE_ID> | example.com | arya.ns.cloudflare.com, tim.ns.cloudflare.com |
- Use the values in the NAME SERVERS column to update the nameservers at the registrar of each domain.
Limitations
There are limitations on the number of domains you can add at a time. If you attempt to add more than 50 domains at a time, any additional domains will be blocked until your current domains are active.
After that, you cannot have more pending sites than active sites associated with your Cloudflare account. We recommend waiting until your pending sites have been activated before adding additional domains.
Common issues
If any errors were returned in this process, the domain may not be registered (or only just registered), be a subdomain, or otherwise been invalid. For more details, refer to Cannot add domain.