Setup guide

Connect your domain to Flare53.

Follow the steps in order. Flare53 will show the exact DNS records and tell you when each action is safe to complete.

How it works

Five steps, in order

1Add your website

Enter the public domain and its separate origin in your dashboard.

2Add SSL DNS

Copy the validation record shown by Flare53.

3Wait for SSL

Flare53 checks the record and prepares HTTPS automatically.

4Go live and test

Add the final DNS record, then test the public website.

5Protect the origin

After testing, stop visitors from reaching the real origin directly.

Important: do not change the final website DNS until Flare53 says SSL is ready. Do not protect the origin until the public website is active and tested.
Step 1 of 5

Add your public website and origin

Open your dashboard and enter two different addresses. The public website is what visitors use. The origin is the real server or hosting location that Flare53 connects to behind the scenes.

Public websiteThe address visitors open.https://www.example.com
OriginThe separate address that serves your website content.https://origin.example.com
They must be different: do not enter www.example.com as both the public website and the origin. The origin must be reachable before setup can begin.
Open dashboard →
Step 2 of 5

The SSL validation DNS record

This record proves you control the domain, so we can issue your SSL certificate. Your real values appear on your Setup Status page after you add your domain. The values below are examples of what it looks like.

Type
CNAME
Host / Name
_abc123.www
Value / Target
_xyz789.validation.example.net
TTL
Auto or 300

Example values Copy your real values from the Setup Status page — these are only to show the format.

Step 3 of 5

SSL verification happens automatically

After you add the record, there is nothing else to do. Flare53 checks for it automatically and issues the certificate. This usually takes minutes, sometimes up to a few hours if DNS is slow to update.

You add one CNAME record.
We detect it and issue SSL for free.
You get an email when it is ready.
Step 4 of 5

The final DNS change

Once SSL is ready, point your website domain at Flare53. After the DNS change, open the public website and test several pages before continuing to origin protection.

Type
CNAME
Host / Name
www
Value / Target
your-flare53-target.example.net
TTL
Auto or 300

Example values Your real target appears on the Setup Status page when it is safe to change.

Step 5 of 5

Secure the origin after your website is live

Your setup is not fully protected while visitors can still open the origin address directly. Complete this step only after the public website works correctly through Flare53.

Should workVisitor → www.example.com → Flare53 → origin
Should be blockedVisitor or bot → origin.example.com directly
Before protectionBoth addresses may still open.www.example.com → worksorigin.example.com → works
After protectionOnly the public website should be available to visitors.www.example.com → worksorigin.example.com → access denied
How it works: Flare53 sends a private origin header. Configure your server or hosting provider to allow the request only when that private header is present and correct.
🧩
WordPress or web server

Use the rule provided on your Origin Protection page for cPanel, Apache, Nginx, IIS, or your application.

💬
Managed or shared hosting

Send the provider message below and ask your host to apply the rule for you.

🔒
S3 or static storage

Keep the storage private and allow website files to be retrieved only through the Flare53 delivery path.

Example message for your hosting provider

Please configure origin.example.com to reject direct public requests. Allow requests only when the private X-Flare53-Origin-Secret header contains the value shown on my Flare53 Origin Protection page. Please confirm that www.example.com still works after the rule is applied.
Do this last: first confirm that the setup status is active and test the public website. Applying the rule too early can make the website unavailable.
Open dashboard →Open origin protection guide
Helpful tips

Small things that save time

✂️
Short name vs full name

Most DNS providers want the short name (like www). Use the full name only if your provider asks for a full record name or FQDN.

🚫
Never paste https://

DNS values are hostnames only. Do not include https:// in any DNS name or target.

🌐
Root domains

Using example.com without www? Your DNS provider must support ALIAS, ANAME, or CNAME flattening. If not, start with www.

🧪
Test before the final security step

Open several public pages, images, forms, and login areas before applying the origin protection rule.

Ready for your real DNS values?

Your Setup Status page shows the exact records to copy, live progress, and what to do next.

Open Setup Status →