Skip to content
  • Documentation >
  • Apps >
  • Website Building >
  • Cloudflare

Cloudflare

The Cloudflare modules enable you to monitor, create, or update zones and monitor, create, list, patch, delete, or export/import DNS records in your Cloudflare account.

Getting Started with Cloudflare

Prerequisites

  • A Cloudflare account

In order to use Cloudflare with Ibexa Connect, it is necessary to have a Cloudflare account. If you do not have one, you can create a Cloudflare account at dash.cloudflare.com/sign-up.

Connecting Cloudflare to Ibexa Connect

To connect your Cloudflare account to Ibexa Connect, you'll need to create an API token or retrieve an API Key in your Cloudflare account.

Choose one of the options for establishing a connection:

  • API Token (allows scoped and permissioned access to resources, and uses the RFC compliant Authorization Bearer Token Header)

  • API Key

Connecting Using an API Token

1. Log in to your Cloudflare account.

2. Click your profile icon in the top-right corner, and select the My Profile option.

61f2695143d3b.gif

3. Open the API Tokens tab, and click the Create Token button.

61f269540ee63.gif

4. On the API Tokens page, click the Get Started button to create a custom token.

61f269571c242.png

5. Enter the desired name for your token, and add required permissions and additional permissions needed for the modules you want to use in your scenario. Then click Continue to summary and Create a Token.

REQUIRED PERMISSIONS

Account:Account Settings:Read

User:User Details:Read

Zone:Zone:Read

61f26958744b6.gif

Additional Permissions
MODULE NAME PERMISSION REQUIRED FOR THE MODULE
Watch Zones Zone:Zone:Read
Create a Zone Zone:Zone:Edit
Change a Zone's SSL Setting Zone:Zone Settings:Edit
Change a Zone's Security Level Zone:Zone Settings:Edit
Turn a Zone into Development Mode Zone:Zone Settings:Edit
Watch DNS Records Zone:DNS:Read
Create a DNS Record Zone:DNS:Edit
List DNS Records Zone:DNS:Read
Patch a DNS Record Zone:DNS:Edit
Delete a DNS Record Zone:DNS:Edit
Export DNS Records Zone:DNS:Read
Import DNS Records Zone:DNS:Edit
Create a Certificate Requires the API Key authentication.
List Certificates Requires the API Key authentication.
Revoke a Certificate Requires the API Key authentication.
Watch User Billings Requires the API Key authentication.

6. Copy the token provided.

61f2695b7c9be.png

7. Go to Ibexa Connect, open the Cloudflare module's Create a connection dialog, and select the API Token option in the Authentication Method field.

8. Enter the API Token you have copied in step 6 to the respective field, and click the Continue button to establish the connection.

The connection has been established. You can proceed with setting up the module.

Connecting Using API Key

1. Log in to your Cloudflare account.

2. Click your profile icon in the top-right corner, and select the My Profile option.

61f2695143d3b.gif

3. Open the API Tokens tab, and click the View button for the Global API Key. Enter the password, and copy the displayed Global API Key.

61f2695ce102f.gif

4. Go to Ibexa Connect, open the Cloudflare module's Create a connection dialog, and select the API Key option in the Authentication Method field.

5. Enter the Global API Key you have copied in step 3 to the respective field, enter your account email, and click the Continue button to establish the connection.

The connection has been established. You can proceed with setting up the module.

Zones

A Zone is a domain name along with its subdomains and other identities.

Watch Zones

Retrieves details when a zone is created, updated, or activated.
Event Select whether you want to watch created, modified, or activated zones
Limit Set the maximum number of zones Ibexa Connect will return during one execution cycle.

Create a Zone

Creates a new zone.
Domain Name Enter the domain name of the site you want to add.
Account ID Enter or select the account ID.

If the account ID is not provided in the drop-down menu, you can obtain the account ID in the URL of your Cloudflare account.

61f2695f4767d.png
Skip fetching current DNS records Enable this option to skip automatic attempt to fetch existing DNS records.
Type Select the type. A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup.

Change a Zone's SSL Setting

Changes the SSL setting of the specified site.

Zone ID

Map the zone ID, or select the zone you want to change the SSL setting for.

SSL Setting

  • Off (Not Secure) No SSL between the visitor and Cloudflare, and no SSL between Cloudflare and your web server (all HTTP traffic).

  • Flexible SSL between the visitor and Cloudflare. The visitor sees HTTPS on your site, but no SSL between Cloudflare and your web server. You don't need to have an SSL certificate on your web server, but your visitors will still see the site as being HTTPS enabled.

  • Full SSL between the visitor and Cloudflare. The visitor sees HTTPS on your site and SSL between Cloudflare and your web server. You'll need to have your own SSL certificate or self-signed certificate, at the very least.

  • Full (strict) SSL between the visitor and Cloudflare. The visitor sees HTTPS on your site and SSL between Cloudflare and your web server. You'll need to have a valid SSL certificate installed on your web server. This certificate must be signed by a certificate authority, have an expiration date in the future, and respond for the request domain name (hostname).

Change a Zone's Security Level

Adjusts the security settings.

Zone ID

Map the zone ID, or select the zone you want to change the security level for.

Security Level

Select the security level you want to set for the zone specified above.

  • Essentially off Only challenges IP addresses with the worst reputation.

  • Low Challenges only the most threatening visitors.

  • Medium Challenges both moderate threat visitors and the most threatening visitors.

  • High Challenges all visitors that exhibit threatening behavior within the last 14 days.

  • I’m Under Attack! Only for use if your website is currently under a DDoS attack.

Turn a Zone into Development Mode

Modifies the development mode setting of the zone.
Zone ID Map the zone ID, or select the zone you want to enable the development mode for.
Development mode Enable this option to turn on the development mode.

DNS Records

Watch DNS Records

Returns DNS record details when a DNS record is created or modified.
Zone ID Map the zone ID, or select the zone you want to watch for DNS records.
Event Select whether you want to watch created or modified DNS records.
Limit Set the maximum number of DNS records Ibexa Connect will return during one execution cycle.

Create a DNS Record

Creates a new DNS record for a zone.
Zone ID Map the zone ID, or select the zone you want to create a new DNS record for.
Type Select the type of the new DNS record. See the Cloudflare documentation for each type's fields.

List DNS Records

Returns DNS records based on specified criteria.
Zone ID Map the zone ID, or select the zone you want to list DNS records for.
Requirement Select the logical operator. Indicate whether to match all search requirements or at least one (any).
Name Enter the DNS record name to filter results by.
Content Enter the content of the DNS record to filter results by.
Type Select the type of the DNS record to filter results by.
Proxied DNS record proxied status.
Order Select the order in which you want to sort returned DNS records.
Direction Select the order of the returned domains.
Limit Set the maximum number of DNS records Ibexa Connect will return during one execution cycle.

Patch a DNS Record

Partially updates a DNS record.
Zone ID Map the zone ID, or select the zone you want to update a DNS record for.
DNS Record ID Map or select the identifier of the DNS record you want to update.
Type Select the type of DNS record.

Delete a DNS Record

Removes a DNS record.
Zone ID Map the zone ID, or select the zone you want to delete a DNS record from.
DNS Record ID Map or select the identifier of the DNS record you want to delete.

Export DNS Records

Downloads a BIND configuration file.
Zone ID Map the zone ID, or select the zone you want to download a BIND configuration file for.
File Name Enter the file name without .zone extension. Leave this field blank to use {zone_name}_{current_datetime}.zone as the file name.

Import DNS Records

Uploads a BIND configuration file.
Zone ID Map the zone ID, or select the zone you want to upload a BIND configuration file to.
Source File Map the file you want to upload from the previous module (e.g. HTTP > Get a File or Google Drive > Download a File), or enter the file name and file data manually.

Origin CA

Create a Certificate
Hostnames Add hostnames you want to bind to the certificate.
Requested Validity Select the number of days for which the certificate should be valid.
Request Type Select the signature type desired on the certificate.
Certificate Signing Request Enter the CSR (a block of encoded text).

List Certificates

Retrieves origin certificates for the specified zone.
Zone ID Map the zone ID, or select the zone you want to list certificates from.
Limit Set the maximum number of certificates Ibexa Connect will return during one execution cycle.

Revoke a Certificate

Revoke an existing Origin CA certificate.
Zone ID Map the zone ID, or select the zone you want to revoke a certificate from.
Certificate ID Map the Certificate ID of the certificate you want to revoke.

Billings

Watch User Billings

Retrieves billing history details when the authorized user is billed.
Limit Set the maximum number of billing histories Ibexa Connect will return during one execution cycle.

Make an API Call

Allows you to perform a custom API call.

URL

Enter a path relative to https://api.cloudflare.com/client. For example: /v4/user.

For the list of available endpoints, refer to the Cloudflare API v4 Documentation.

Method

Select the HTTP method you want to use:

GETto retrieve information for an entry.

POSTto create a new entry.

PUTto update/replace an existing entry.

PATCHto make a partial entry update.

DELETEto delete an entry.

Headers

Enter the desired request headers. You don't have to add authorization headers; we've already done this for you.

Query String

Enter the request query string.

Body

Enter the body content for your API call.

Example of Use - List Zones

The following API call returns all zones in your Cloudflare account:

URL:/v4/zones

Method:GET
61f2696073cf4.png

The result can be found in the module's Output under Bundle > Body > result. In our example, 2 zones were returned:
61f26961938ce.png

Common Problems

The operation failed with an error. [403] Error 9109: Unauthorized to access requested resource

Add the permission to your API Token that is required by the module you want to use. Please see the additional permissions list.

The operation failed with an error. [501] Error 10000: API Tokens are not supported by this API for now.

Connect using an API Key. Enter the desired request headers. You don't have to add authorization headers; we've already done this for you.

Query String

Enter the request query string.

Body

Enter the body content for your API call.

Example of Use - List Zones

The following API call returns all zones in your Cloudflare account:

URL:/v4/zones

Method:GET
61f2696073cf4.png

The result can be found in the module's Output under Bundle > Body > result. In our example, 2 zones were returned:
61f26961938ce.png

Common Problems

The operation failed with an error. [403] Error 9109: Unauthorized to access requested resource

Add the permission to your API Token that is required by the module you want to use. Please see the additional permissions list.

The operation failed with an error. [501] Error 10000: API Tokens are not supported by this API for now.

Connect using an API Key.