Best way to protect my own DNS server?

Hi all! I own a BIND dns server (for example “”) where there are at least 50 domains pointing to it,
Which would be the best way to protect this dns server from attacks with Cloudlfare?
Does the free option can run correctly if i protect the domain “” as a website?
Hope somebody can answer this, i’m pretty new at CF so any help is welcomed
all the best!

Sorry, unless you’re on an Enterprise Plan, Cloudflare does not protect Port 53.

1 Like

Ok, thanks

1 Like

So you can move your nameservers to Cloudflare for and have Cloudflare protect your website and :grey: your NS records that you have the other 50 domains pointing to in which case we just resolve the DNS to your BIND server. That would work just fine, but we’re not providing any significant service to your BIND server (just hosting your zone’s DNS).

You could also leave your DNS on your BIND server and do a CNAME Setup on our BIZ plan where you just cname to Cloudflare for CDN/WAF.

Or depending on your use case and customer profile for those 50 domains, we could provide DNS firewall services for your existing DNS server as part of an ENT plan

Ok, Thank you cscharff,
could you please give me a little more detail about “just hosting your zone’s DNS”
If we consider the typical attack to a dns server,
does this zone hosting gives any kind of protection against attacks?
or this adds any difference comparing to a standard dns server?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.