Cloudflare Docs
Cloudflare for Platforms
Cloudflare Docs
Cloudflare for Platforms
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)
  1. Products
  2. Cloudflare for Platforms
  3. ...
  4. ...
  5. Provider guides
  6. Salesforce Commerce Cloud

Salesforce Commerce Cloud (SFCC)

Cloudflare partners with Salesforce Commerce Cloud to provide Salesforce Commerce Cloud customers’ websites with Cloudflare’s performance and security benefits.

If you use Salesforce Commerce Cloud and also have a Cloudflare plan, you can use your own Cloudflare zone to proxy web traffic to your zone first, then Salesforce Commerce Cloud’s (the SaaS Provider) zone second. This configuration option is called Orange-to-Orange (O2O).

​​ Benefits

O2O’s benefits include applying your own Cloudflare zone’s services and settings - such as WAF, Bot Management, Waiting Room, and more - on the traffic destined for your Salesforce Commerce Cloud environment.

​​ How it works

For additional detail about how traffic routes when O2O is enabled, refer to How O2O works.

​​ Enable

To enable O2O requires the following:

  1. Your SFCC environment must be configured as an “SFCC Proxy Zone”. If you currently have an “SFCC Legacy Zone”, you cannot enable O2O. More details on the different types of SFCC configurations can be found here.
  2. Your own Cloudflare zone on an Enterprise plan.

If you meet the above requirements, O2O can then be enabled per hostname. To enable O2O for a specific hostname within your Cloudflare zone, create a Proxied CNAME DNS record with a target of the CNAME provided by SFCC Business Manager, which is the dashboard used by SFCC customers to configure their storefront environment.

The CNAME provided by SFCC Business Manager will resemble commcloud.prod-abcd-example-com.cc-ecdn.net and contains 3 distinct parts. For each hostname routing traffic to SFCC, be sure to update each part of the example CNAME to match your SFCC environment:

  1. Environment: prod should be changed to prod or dev or stg.
  2. Realm: abcd should be changed to the Realm ID assigned to you by SFCC.
  3. Domain Name: example-com should be changed to match your domain name in a hyphenated format.
TypeNameTargetProxy status
CNAME<YOUR_HOSTNAME>commcloud.prod-abcd-example-com.cc-ecdn.netProxied

​​ Product compatibility

When a hostname within your Cloudflare zone has O2O enabled, you assume additional responsibility for the traffic on that hostname because you can now configure various Cloudflare products to affect that traffic. Some of the Cloudflare products compatible with O2O are:

For a full list of compatible products and potential limitations, refer to Product compatibility.

​​ Additional support

If you are a Salesforce Commerce Cloud customer and have set up your own Cloudflare zone with O2O enabled on specific hostnames, contact your Cloudflare Account Team or Cloudflare Support for help resolving issues in your own zone.

Cloudflare will turn to Salesforce Commerce Cloud if there are technical issues that Cloudflare cannot resolve.

​​ Resolving SSL errors using Cloudflare Managed Certificates

If you encounter SSL errors when attempting to activate a Cloudflare Managed Certificate, verify if you have a CAA record on your domain name with command dig +short example.com CAA.

If you do have a CAA record, verify that it permits SSL certificates to be issued by the certificate authorities supported by Cloudflare.