How DNS Records work | A Cloudflare Webmasters Guide

In this article, you’ll learn how to manage DNS records for your site using Cloudflare. As well as, the purpose of common DNS records, and how you can add or delete those records. But first, to configure your site on Cloudflare successfully, you’ll need to add your domains and subdomains via DNS records.

Generally, the public Internet does its best to deliver your content — but it can’t account for network congestion. Leading to slow load times and a degraded end-user experience. The Cloudflare network is different. It routes over 10 trillion global requests per month. Cloudflare was created to ease the difficulties of content delivery.

While empowering its users with the resources to make their sites, apps, and blogs safe and performant. So, if you’re a pro web developer, you can start straight away! And you can do all this through the use of a powerful edge network that’s Cloudflare. That provides content and other services as close to you as possible. Meaning, you’ll get the information as fast as possible.

So, what is it and how does it work? Why does every webmaster need it for their web performance & security? Well, you can see more details on

What Are DNS Records?

DNS records are a set of global systems for translating IP addresses to human-readable domain names. When a user tries to access a web address like “”, their web browser or application performs a DNS Query against a DNS server, supplying the hostname. The DNS server takes the hostname and resolves it into a numeric IP address, which the web browser can connect to.

A component called a DNS Resolver is responsible for checking if the hostname is available in the local cache. And if not, it contacts a series of DNS Name Servers, until eventually, it receives the IP of the service the user is trying to reach.

Related Topic: Why Cloudflare is the Best for Web Performance & Security

After that, it returns it to the browser or application that usually takes less than a second to process. You can read and learn more about Record Makeup in detail from this article. From the revised article through the link provided above, you already have an idea of what Cloudflare is and how it works.

Now let’s learn how to Manage Cloudflare DNS Records for your Website below. We’ll start with the definition of what a DNS is. DNS translates domain names to IP addresses and that’s why it is often called the “phonebook of the Internet.”

How to Add DNS records to Cloudflare

When you first add a domain to Cloudflare, a scan of common DNS records is performed. This is in an attempt to automatically add all of the domain’s DNS records to the Cloudflare DNS app. That in mind, if you need to add records manually for a domain, you can follow the procedure below.

And if your domain is added to Cloudflare through one of their hosting partners, you can manage your DNS records through the hosting partner. In this case, the Cloudflare DNS app (known as informs customers to manage DNS outside of Cloudflare. Below is a screenshot of what to expect.

Cloudflare dashboard

How to add DNS records:
  1. Log in to the Cloudflare dashboard.
  2. Click the appropriate Cloudflare account for the domain where you will add records.
  3. Ensure the proper domain is selected and then click on the DNS app.
  4. The UI interface for adding DNS records appears under DNS Records.
  5. Replace Name with a subdomain or the root domain.

Per Internet standards, the preferred name must:*

  • be 63 characters or less,
  • start with a letter,
  • end with a letter or digit,
  • contain only letters, digits, or a hyphen as the interior characters.

What is Cloudflare Proxy Toggle?

Additionally, Cloudflare allows an underscore _ in the A and CNAME record **Name** since some modern web services support an underscore.

However, Cloudflare discourages using underscores due to limited browser support. Although optional, some record types such as AAAAA, and CNAME allow a customer to toggle the Cloudflare proxy on or off. For the Cloudflare Proxy Toggle:

  • An orange cloud icon proxies traffic through Cloudflare for the DNS record Name.
  • grey cloud icon ensures traffic for the DNS record Name is not proxied to Cloudflare.

Keep in mind, Cloudflare still serves DNS for a grey clouded DNS record. But no other Cloudflare features such as SSL, page rules, caching, WAF, etc are applied.

Related Topic: How to Auto Refresh Web Pages | Top 5 Extensions to use

Grey cloud icons for AAAAA, or CNAME records will expose your origin IP address to attackers and allows them to attack your origin IP address directly even if you later proxy traffic to Cloudflare.

In addition, direct attacks to your origin IP are only mitigated by asking your hosting provider to change your origin IP address.

For the default DNS Type records:

To ensure visitor traffic reaches a domain, a domain requires at least an A or AAAA record to point to the origin web server IP address. Or rather a CNAME record that points to the hostname of a hosting service.

Eventually, the Type selection defaults to A records. Below are the expanded DNS record types in a table form for further instructions pertaining to each record type:

1. Critical DNS records for IP address resolution:

The SPF record helps you to replace Value with real data. But, DNS specifications have deprecated the SPF record type in favor of TXT records. Although Cloudflare and most other DNS providers support the dedicated SPF record types, some DNS clients may instead look for a TXT record.

Add both an SPF record and a TXT record to your domain to ensure backward compatibility. SPF content as a TXT record will look similar to the following:

TXT @ v=spf1 -all

Contact your mail provider about SPF record content if you observe SPF failures in your email headers or if your mail is undeliverable.

3. Specialized DNS records:

Finally, for more questions about a DNS record not listed in the guide above, you can visit the Cloudflare Learning Center. And since Cloudflare can proxy certain DNS records, please visit their guide on which records are appropriate to the proxy. But, if you’ll require or need more help, you can Contact Us or even share your thoughts in the comments section.

You can also donate in order to support our blog articles and other ongoing projects work.

Get Free Newsletters

Help Us Spread The Word