=====Cloudflare=====

====Add a Domain====
Either create a Cloudflare account:
  * Visit [[https://dash.cloudflare.com/sign-up]]
  * Enter your Email address and Password.
  * Click Create Account.
  * The Cloudflare UI asks you to add a site to Cloudflare.

Or log in to an existing account:
  * [[https://dash.cloudflare.com/login|Log in]] to your Cloudflare account.
  * Click on Add site from the top navigation bar.

Then add a site:
  * Enter your website’s root domain and then click Add Site. For example, if your website is %%www.example.com%%, type example.com.
  * Select the free plan.
  * Cloudflare attempts to automatically identify your DNS records. This process takes approximately 60 seconds to complete.
  * Review whether all DNS records were identified in the DNS query results window, if it's a new domain there likely won't be any.
  * Deselect the cloud icons for existing records to just use dns resolution.
  * Add an A record using ''@'' for the name, any temporary filler ip address, automatic TTL, and deselect the cloud icon.
  * Click Continue.
  * Select Continue with default.
  * Copy the 2 Cloudflare nameservers displayed.
  * Change the nameservers with the domain's registrar, for example to change them with [[https://freenom.com|Freenom]]:
    * Follow [[web:Domains]] if you don't already have a Freenom domain.
    * Log in to [[https://my.freenom.com/clientarea.php|My Freenom]].
    * Go to My Domains > Manage Domain > Management Tools > Nameservers
    * Enter the nameservers copied from cloudflare.
    * Click Change Nameservers. (It will normally take up to 30 minutes before nameserver changes are distributed within their DNS servers)
  * Click ''Done, check nameservers'' back on cloudflare.
  * Wait until the changes propagate through everything and re-check the domain on cloudflare to finalise it.

====Disable Email Sending====
Secure the domain from being used to [[https://blog.cloudflare.com/tackling-email-spoofing/|Spoof emails]]:
  * Visit: [[https://dash.cloudflare.com/?to=/:account/:zone/dns/settings/wizard/restrictive-records]]
  * Select the desired domain
  * Click submit on the wizard to apply the DNS records

====Dynamic DNS====
Set up a dynamic DNS updating service locally to keep the ip address updated:
  * FIXME: can probably use a restrictive API token instead
  * Go to [[https://dash.cloudflare.com/profile/api-tokens]]
  * Click on View Global API key.
  * Enter your password and copy the API key.
  * Set up the service (Using a Ubiquiti Edgerouter as the example):
  * Log in to the router, probably at [[https://10.0.0.1]] or [[https://198.164.0.1]] and access the Command Line Interface using the CLI button. Or connect using SSH.
  * Replace references to ''eth0'' with the active WAN Port, usually ''eth0'' or ''pppoe0''.
  * Replace the information in the angle brackets with your domain and login (email/api key) information.
  * Enter the following commands:

<code>
# Enter configuration mode.
configure
# Configure the dynamic DNS hostname.
set service dns dynamic interface eth0 service custom-cloudflare host-name <subdomain.domain.com>
# Define the dynamic DNS credentials.
set service dns dynamic interface eth0 service custom-cloudflare login <user@domain.com>
set service dns dynamic interface eth0 service custom-cloudflare password <cloudflare-api-key>
# Define the dynamic DNS protocol.
set service dns dynamic interface eth0 service custom-cloudflare protocol cloudflare
# Specify the root domain name for the Cloudflare zone.
set service dns dynamic interface eth0 service custom-cloudflare options zone=<domain.com>
	
# Commit the changes and save the configuration.
commit ; save
	

# You can verify the status and/or force an update of the Dynamic DNS service using the commands below:
show dns dynamic status
update dns dynamic interface eth0
</code>