Install command
Provided
Build applications, analyze traffic, and manage security settings through Cloudflare
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
Decision playbook
Signals are comparatively strong, but you should still validate source, privacy posture, and package provenance for your environment.
0
96
—
No baseline selected
No major trust-signal divergence detected in the current selection.
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Source provenance statusRequired
Marked as first-party.
Metadata reviewed
Registry metadata indicates a reviewed listing.
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Trust level risk gateRequired
Trust level does not block evaluation.
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Package verification flag
Package marked verified.
Checksum metadata
SHA-256 hash is present.
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Baseline comparison available
No baseline peer selected yet.
Diverging trust signals identified
No major trust-signal divergence found.
Setup at a glance
Copy-ready — paste the snippet to get started.
Install command
Provided
Config snippet
Provided
Copy snippet
Provided
Prerequisites
10 to clear
Platforms
4 listed
Difficulty
5/100
Adoption plan
Current risk score 0/100. Use staged verification before broader rollout.
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Confirm metadata review state
Listing has review metadata.
Verify install payload
Install/config payload exists and can be inspected.
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Review privacy notesRequired
Privacy notes are present.
Verify package integrity metadata
Package verification/checksum metadata is available.
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Evidence readiness
Required evidence gates are covered (6/6 signals complete).
Source repository/provenance is listed.
Required in this preset
Review metadata is present.
Required in this preset
Safety notes are present.
Required in this preset
Privacy notes are present.
Optional in this preset
Package integrity metadata is present.
Optional in this preset
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
6/6 steps complete with no blocking gaps for this preset.
triage
Source/provenance metadata is available.
triage
Review metadata is available.
verify
Safety notes are available.
verify
Privacy notes are available.
verify
Package integrity metadata is available.
rollout
Install payload is available.
No required blockers for this timeline preset.
Prerequisite readiness
10 prerequisites to line up before setup. Have accounts and credentials ready first.
Safety & privacy surface
1 safety and 1 privacy notes across 2 risk areas. Review closely: credentials & tokens.
{
"cloudflare": {
"env": {
"CLOUDFLARE_API_TOKEN": "${CLOUDFLARE_API_TOKEN}",
"CLOUDFLARE_ACCOUNT_ID": "${CLOUDFLARE_ACCOUNT_ID}"
},
"args": [
"-y",
"@cloudflare/mcp-server-cloudflare"
],
"command": "npx"
}
}Manage Cloudflare services and configurations through Claude for comprehensive infrastructure control.
{
"cloudflare": {
"env": {
"CLOUDFLARE_API_TOKEN": "${CLOUDFLARE_API_TOKEN}",
"CLOUDFLARE_ACCOUNT_ID": "${CLOUDFLARE_ACCOUNT_ID}"
},
"args": ["-y", "@cloudflare/mcp-server-cloudflare"],
"command": "npx"
}
}
Common usage pattern for this MCP server
Ask Claude: "Add DNS record for subdomain"
Common usage pattern for this MCP server
Ask Claude: "Deploy Worker script"
Common usage pattern for this MCP server
Ask Claude: "Show traffic analytics"
Common usage pattern for this MCP server
Ask Claude: "Configure firewall rule"
Create a new Cloudflare DNS A record with TTL configuration
// Create Cloudflare DNS record
const record = await cloudflare.dns.records.create({
zone_id: "zone-id",
type: "A",
name: "example.com",
content: "192.0.2.1",
ttl: 3600,
});
Cloudflare global rate limit is 1,200 requests per 5 minutes. Wait for 5-minute window to reset. Distribute API calls across time and implement request throttling to stay under 4 requests per second.
Add Content-Type: application/json header to your API request. Verify request body is properly formatted JSON and includes all required parameters for the endpoint.
Contact your Cloudflare Account Team to enable Enterprise rate limiting features. Verify your account tier supports advanced rate limiting or migrate to Ruleset Engine API.
Verify API token has Firewall Services Write permission for rate limiting. Check token hasn't expired and regenerate from Cloudflare dashboard if needed. Use Bearer authentication, not email/key pair.
Ensure API token has correct zone and account-level permissions. Verify you're using Ruleset Engine API (not deprecated Rate Limiting API) and check account tier supports feature.
Verify API token is valid and not expired. Check token permissions match required operations. Ensure token format is correct (Bearer token in Authorization header). For Global API keys, verify email and key combination is correct.
Implement exponential backoff retry logic with jitter. Use batch operations to reduce API calls. Cache frequently accessed zone data. Monitor rate limit headers and adjust request frequency accordingly. Cloudflare allows 1,200 requests per 5 minutes per API token.
Verify API token has access to the zone and account. Check zone permissions and account membership. Ensure API token scopes include required zone and DNS permissions.
Check network connectivity and firewall settings. Verify Cloudflare API endpoints are accessible. Increase request timeout values. Implement connection pooling and retry mechanisms with exponential backoff.
Cloudflare MCP Server - MCP Servers side by side with 2 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
2 trust signals differ across this comparison (Package trust, Source provenance).
| Field | Build applications, analyze traffic, and manage security settings through Cloudflare Open dossier | Connect Claude to DigitalOcean — manage Apps, Droplets, managed Databases, Kubernetes, Container Registry, networking, and Functions — with DigitalOcean's official Model Context Protocol server. Open dossier | Create, deploy, and manage websites on Netlify platform Open dossier |
|---|---|---|---|
| Next steps | |||
| Trust | |||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trustDiffers | Package verified | Package not verified | Package verified |
| Source provenanceDiffers | Source-backed | Source-backed | No submission link |
| Submitter | — | — | — |
| Install risk | Low risk | Review first | Low risk |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | |||
| Category | mcp | mcp | mcp |
| Source | first-party | source-backed | first-party |
| Author | Cloudflare | DigitalOcean | Netlify |
| Added | 2025-09-18 | 2026-06-17 | 2025-09-18 |
| Platforms | Claude CodeCodexCursorClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop |
| Source repo | — | — | — |
| Safety notes | ✓Use a least-privilege Cloudflare token because DNS, security, Worker, and deployment actions can affect production services. | ✓Tools can create, update, restart, and delete live infrastructure (Apps, Droplets, Databases) — scope the API token and select only the --services you need. Destructive actions (delete, rollback) act on production resources; confirm before running them through Claude. | ✓Scope Netlify team and site permissions because deploy, environment, and domain changes can affect production websites. |
| Privacy notes | ✓Zone settings, analytics, logs, account identifiers, deployment metadata, and security configuration may be sent through model context. | ✓Resource metadata, logs, and metrics enter the MCP client context and the model's prompt. The DIGITALOCEAN_API_TOKEN is a secret — store it in the client config or environment, never in shared repositories. | ✓Build logs, deployment history, site metadata, environment variable names, domains, and team details may be exposed. |
| Prerequisites |
|
|
|
| Install | | | |
| Config | | | |
| Citations | |||
| Claim | Unclaimed | Unclaimed | Unclaimed |
Source-backed guides for putting this to work.
Audit MCP client configuration before sharing it with a team.
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.