Cloudflare MCP Server

Modern Model-Context-Protocol (MCP) server that exposes Cloudflare DNS, security, redirects and zone-settings functionality as structured tools which any compliant AI client (e.g. Claude Desktop) can invoke.

✨ Key Features

Rich Tool Catalog – 16 read & write operations covering DNS records, WAF rules, page-rule redirects, cache purge, zone settings and more.
Plug-and-Play with Claude Desktop – ships with STDIO transport so Claude immediately lists & calls tools; no extra adaptor required.
Type-Safe – written in TypeScript and powered by @modelcontextprotocol/sdk, with zod schemas for every tool’s params & return value.
Non-destructive by Default – destructive certificate-ordering functions are disabled out-of-the-box to prevent accidental cost.
Script Library & Tests – one-shot scripts for manual ops plus Jest integration/unit tests.

🚀 Quick Start

# 1. Clone & install
npm install

# 2. Configure credentials
cp config/.env.example .env
$EDITOR .env          # put your CLOUDFLARE_API_TOKEN

# 3. Build & run the server (stdio)
npm run build
node dist/index.js    # Claude Desktop will auto-detect

Need a sandbox? Cloudflare Workers Free Plan lets you create test zones.

🛠️ Tool Catalog

Category	Tool Name	Description
General	`echo`	Round-trip text for connectivity testing
Zones	`list_zones`	Enumerate zones the token can access
Zones	`get_zone_settings`	Return full settings object
Zones	`list_zone_settings`	Short settings summary
DNS	`list_dns_records`	Read all DNS RRsets
DNS	`create_dns_record`*	Add a record
DNS	`update_dns_record`*	Modify record
DNS	`delete_dns_record`*	Remove record
Security	`list_waf_rules`	Read firewall rules
Security	`create_security_rule`*	Add firewall rule
Security	`update_security_rule`*	Edit firewall rule
Security	`delete_security_rule`*	Delete firewall rule
Redirect	`list_page_rules`	List redirects/page-rules
Redirect	`create_redirect`*	Create redirect
Redirect	`delete_page_rule`*	Delete redirect
Cache	`purge_cache`*	Purge URL or everything

* Destructive operations – use with care.

SSL cert ordering/upload functions are intentionally not registered. Enable them by removing the filter in src/index.ts if required.

🧑‍💻 Development

# Watch-mode compile
npm run dev

# Run the full test suite
npm test

# Lint
npm run lint

Handy demo scripts live under scripts/ (e.g. scripts/list-dns-demo.ts). All accept a --zone flag.

🏗️ Architecture

src/index.ts – entrypoint; merges tool maps and registers them with McpServer.
src/tools/ – individual tool modules, each exporting { tools, description }.
src/cloudflare-client.ts – thin wrapper around axios + CF API base URL.
tests/ – Jest tests (unit + integration).

The server communicates over STDIO using JSON-RPC 2.0 as defined by the MCP SDK. See docs/API.md.

🤝 Contributing

PRs & issues are welcome! Please read REFERENCE.md for coding conventions and style guidelines.

Fork → feature branch → PR.
Ensure npm test passes.
Describe the tool behaviour or bug clearly.

📜 License

Made with Windsurf

✨ Key Features

Rich Tool Catalog – 16 read & write operations covering DNS records, WAF rules, page-rule redirects, cache purge, zone settings and more.

Plug-and-Play with Claude Desktop – ships with STDIO transport so Claude immediately lists & calls tools; no extra adaptor required.

Type-Safe – written in TypeScript and powered by @modelcontextprotocol/sdk, with zod schemas for every tool’s params & return value.

Non-destructive by Default – destructive certificate-ordering functions are disabled out-of-the-box to prevent accidental cost.

Script Library & Tests – one-shot scripts for manual ops plus Jest integration/unit tests.

🚀 Quick Start

# 1. Clone & install npm install # 2. Configure credentials cp config/.env.example .env $EDITOR .env # put your CLOUDFLARE_API_TOKEN # 3. Build & run the server (stdio) npm run build node dist/index.js # Claude Desktop will auto-detect

Need a sandbox? Cloudflare Workers Free Plan lets you create test zones.

🛠️ Tool Catalog

Category	Tool Name	Description
General	`echo`	Round-trip text for connectivity testing
Zones	`list_zones`	Enumerate zones the token can access
Zones	`get_zone_settings`	Return full settings object
Zones	`list_zone_settings`	Short settings summary
DNS	`list_dns_records`	Read all DNS RRsets
DNS	`create_dns_record`*	Add a record
DNS	`update_dns_record`*	Modify record
DNS	`delete_dns_record`*	Remove record
Security	`list_waf_rules`	Read firewall rules
Security	`create_security_rule`*	Add firewall rule
Security	`update_security_rule`*	Edit firewall rule
Security	`delete_security_rule`*	Delete firewall rule
Redirect	`list_page_rules`	List redirects/page-rules
Redirect	`create_redirect`*	Create redirect
Redirect	`delete_page_rule`*	Delete redirect
Cache	`purge_cache`*	Purge URL or everything

* Destructive operations – use with care.

SSL cert ordering/upload functions are intentionally not registered. Enable them by removing the filter in src/index.ts if required.

🏗️ Architecture

src/index.ts – entrypoint; merges tool maps and registers them with McpServer.

src/tools/ – individual tool modules, each exporting { tools, description }.

src/cloudflare-client.ts – thin wrapper around axios + CF API base URL.

tests/ – Jest tests (unit + integration).

The server communicates over STDIO using JSON-RPC 2.0 as defined by the MCP SDK. See docs/API.md.

Cloudflare MCP Server

README Documentation

Cloudflare MCP Server

✨ Key Features

🚀 Quick Start

🛠️ Tool Catalog

🧑‍💻 Development

🏗️ Architecture

🤝 Contributing

📜 License

Quick Actions

Key Features

Cloudflare MCP Server

README Documentation

Cloudflare MCP Server

✨ Key Features

🚀 Quick Start

🛠️ Tool Catalog

🧑‍💻 Development

🏗️ Architecture

🤝 Contributing

📜 License

Quick Actions

Key Features