Cloudflare Pro
БесплатноНе проверенA local stdio MCP server that provides 69 tools for Cloudflare REST API v4, including DNS, Zones, Workers, KV, R2, D1, Pages, Queues, Tunnels, SSL, WAF, Email R
Описание
A local stdio MCP server that provides 69 tools for Cloudflare REST API v4, including DNS, Zones, Workers, KV, R2, D1, Pages, Queues, Tunnels, SSL, WAF, Email Routing, Logpush and Workers AI, authenticated by a single API token.
README
MCP server for the Cloudflare REST API v4 — 69 tools across DNS, Zones, Workers, KV, R2, D1, Pages, Queues, Tunnels, SSL, WAF, Email Routing, Logpush and Workers AI in a single local stdio server authenticated by API token.
npm version License: MIT GitHub Stars GitHub Forks GitHub Issues Glama Quality
TypeScript Node.js MCP Claude Code Cursor Claude Desktop
Instagram YouTube LinkedIn Buy Me A Coffee Strat Academy
Unlike the official Cloudflare MCP offering (13 separate remote, OAuth-based servers), cloudflare-mcp-pro runs locally over stdio, authenticates with a single API token, and consolidates the most-used Cloudflare operations into one server with consistent verb_object tool names — ideal for Claude Code, CI, and scripted automation.
Features
- DNS — list/create/update/delete records, DNSSEC, BIND zone-file export
- Zones — list/get/create/delete, settings (SSL mode, HTTPS, min TLS…), cache purge, GraphQL analytics
- Workers — deploy (ES module), routes, secrets, cron triggers, list/get/delete
- KV / R2 / D1 — namespaces + key CRUD, bucket management, databases + SQL queries
- Pages / Queues / Tunnels — list/get projects, queue management, tunnel inspection
- Security — WAF rulesets, IP/ASN/country access rules, page rules, SSL certificate packs, custom hostnames (SaaS), Turnstile widgets
- Email Routing — rules + destination addresses
- Logpush — list/create jobs (zone or account scoped)
- Workers AI — model catalog + inference (text generation, embeddings, classification)
- Human-approval gate — every mutating tool requires
confirm: true; without it the tool returns a non-executing preview (with secrets redacted) instead of acting (see below) - MCP annotations — every tool carries readOnly/destructive/idempotent hints so clients can gate dangerous actions
- Auto-pagination —
fetch_all: trueon list tools follows every page - Single API-token auth, automatic retry + rate-limit (429/5xx) handling, and actionable error messages
Installation
npm install
npm run build
Or run directly once published:
npx -y cloudflare-mcp-pro
Configuration
Copy .env.example to .env and fill in:
| Variable | Required | Description |
|---|---|---|
CLOUDFLARE_API_TOKEN |
✅ | API token from https://dash.cloudflare.com/profile/api-tokens |
CLOUDFLARE_ACCOUNT_ID |
optional | Default account ID used when a tool doesn't receive account_id |
CLOUDFLARE_API_BASE |
optional | Override the API base URL |
Token scopes depend on what you use, e.g.: Zone:Read, DNS:Edit, Workers Scripts:Edit, Workers KV Storage:Edit, Workers R2 Storage:Edit, D1:Edit, Pages:Edit, Account Analytics:Read. Run the verify_token tool to confirm your token works.
Testing
Run the automated test suite (no network — fetch is mocked):
npm test
It covers the human-approval gate, secret redaction, the security validations (hex IDs, path-segment encoding, model-id allowlist, purge mutual-exclusion, analytics hour-alignment), the API client (query serialization, 429 retry, error mapping, pagination + clamp, GraphQL non-JSON guard) and the Zod→JSON-Schema converter.
Interactive testing with the MCP inspector:
npx @modelcontextprotocol/inspector dist/index.js
Add to Claude Code
In .claude/settings.json → mcpServers:
{
"mcpServers": {
"cloudflare-mcp-pro": {
"command": "node",
"args": ["projects/cloudflare-mcp-pro/dist/index.js"],
"env": {
"CLOUDFLARE_API_TOKEN": "your-token",
"CLOUDFLARE_ACCOUNT_ID": "your-account-id"
}
}
}
}
Add to Claude Desktop
- Mac:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"cloudflare-mcp-pro": {
"command": "node",
"args": ["/absolute/path/projects/cloudflare-mcp-pro/dist/index.js"],
"env": {
"CLOUDFLARE_API_TOKEN": "your-token",
"CLOUDFLARE_ACCOUNT_ID": "your-account-id"
}
}
}
}
Human-approval gate
Every mutating tool (any create_*, update_*, delete_*, deploy_*, put_*, edit_*, purge_cache, query_d1, run_ai, …) is gated server-side. Read-only tools (list_*, get_*, verify_token, export_dns_records, analytics) are never gated.
- Calling a mutating tool without
confirm: truereturns aconfirmation_requiredpreview describing the tool, the risk level, and the (secret-redacted) arguments — and does not execute. - Re-call the same tool with
"confirm": trueto actually perform it, after a human has approved.
This gate is enforced in the server regardless of the MCP client, and works alongside the MCP annotations (destructiveHint) that prompt the human in compatible clients like Claude Code. Secret values (e.g. Worker secret text) are redacted from previews and never appear in error messages.
// 1) preview (no confirm) → nothing happens
delete_zone { "zone_id": "..." }
// → { "status": "confirmation_required", "risk": "DESTRUCTIVE — ...", ... }
// 2) after human approval
delete_zone { "zone_id": "...", "confirm": true } // actually deletes
Tools (69)
List tools accept fetch_all: true to follow pagination. Mutating tools accept confirm: true (see the gate above). Every tool advertises MCP annotations (readOnlyHint / destructiveHint / idempotentHint).
Account — verify_token, list_accounts
Zones & settings — list_zones, get_zone, create_zone, delete_zone, purge_cache, get_zone_analytics, get_zone_setting, update_zone_setting
DNS — list_dns_records, create_dns_record, update_dns_record, delete_dns_record, get_dnssec, edit_dnssec, export_dns_records
Workers — list_workers, get_worker, deploy_worker, delete_worker, list_worker_routes, create_worker_route, delete_worker_route, put_worker_secret, delete_worker_secret, update_worker_cron
KV — list_kv_namespaces, create_kv_namespace, kv_list_keys, kv_get, kv_put, kv_delete
R2 — list_r2_buckets, create_r2_bucket, delete_r2_bucket
D1 — list_d1_databases, create_d1_database, query_d1
Pages — list_pages_projects, get_pages_project
WAF & firewall — list_firewall_rulesets, get_ruleset, list_access_rules, create_access_rule, delete_access_rule
Page rules — list_page_rules, create_page_rule, delete_page_rule
SSL/TLS — list_certificate_packs, get_ssl_verification, order_certificate_pack
Custom hostnames (SaaS) — list_custom_hostnames, create_custom_hostname, delete_custom_hostname
Email Routing — list_email_rules, create_email_rule, list_email_destinations
Queues — list_queues, create_queue, delete_queue
Tunnels — list_tunnels, get_tunnel
Turnstile — list_turnstile_widgets, create_turnstile_widget
Workers AI — list_ai_models, run_ai
Logpush — list_logpush_jobs, create_logpush_job
Author
Helbert Paranhos / Strat Academy — stratacademy.com.br
- GitHub: @helbertparanhos
- Instagram: @helbertparanhos
- YouTube: @stratacademy
- LinkedIn: helbert-paranhos
License
MIT — see LICENSE.
Установить Cloudflare Pro в Claude Desktop, Claude Code, Cursor
unyly install cloudflare-mcp-proСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add cloudflare-mcp-pro -- npx -y cloudflare-mcp-proFAQ
Cloudflare Pro MCP бесплатный?
Да, Cloudflare Pro MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Cloudflare Pro?
Нет, Cloudflare Pro работает без API-ключей и переменных окружения.
Cloudflare Pro — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Cloudflare Pro в Claude Desktop, Claude Code или Cursor?
Открой Cloudflare Pro на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Gmail
Read, send and search emails from Claude
автор: GoogleSlack
Send, search and summarize Slack messages
автор: SlackRunbear
No-code MCP client for team chat platforms, such as Slack, Microsoft Teams, and Discord.
Discord Server
A community discord server dedicated to MCP by [Frank Fiegel](https://github.com/punkpeye)
Compare Cloudflare Pro with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории communication
