Cloudflare as DNS Provider
Cloudflare offers free DNS hosting with fast global resolution. You can use Cloudflare purely as a DNS provider (DNS-only mode) or enable their proxy for additional benefits.
DNS-Only Mode (Grey Cloud)
When the proxy is disabled (grey cloud icon), Cloudflare acts as a pure DNS provider:
- DNS queries resolve directly to your server IP
- No CDN, caching, or DDoS protection
- Your real server IP is visible in DNS lookups
Proxy Mode (Orange Cloud)
When enabled, traffic flows through Cloudflare's network:
- Hides your real server IP
- Provides DDoS protection
- Caches static content globally
- Free SSL certificate
- Firewall rules and rate limiting
Setting Up Cloudflare
- Create a free Cloudflare account
- Add your domain
- Update nameservers at your registrar to Cloudflare's
- Import or re-create your DNS records
- Choose proxy mode per record
When to Use Proxy Mode
- Websites — yes (caching, protection)
- Email (MX records) — NO (must be DNS-only)
- SSH — NO unless using Cloudflare Tunnel
- Game servers — NO (UDP traffic needs Spectrum, a paid feature)
- API servers — yes, if HTTP/HTTPS
SSL Modes
| Mode | Description |
|---|---|
| Flexible | HTTPS to Cloudflare, HTTP to your server (NOT recommended) |
| Full | HTTPS to both, but doesn't verify your cert |
| Full (Strict) | HTTPS to both, verifies your cert (recommended) |
Important: Email Records
MX records and email-related A records (like mail.example.com) must have the proxy disabled or email delivery will fail.