Follow the steps in order. Flare53 will show the exact DNS records and tell you when each action is safe to complete.
Enter the public domain and its separate origin in your dashboard.
Copy the validation record shown by Flare53.
Flare53 checks the record and prepares HTTPS automatically.
Add the final DNS record, then test the public website.
After testing, stop visitors from reaching the real origin directly.
Open your dashboard and enter two different addresses. The public website is what visitors use. The origin is the real server or hosting location that Flare53 connects to behind the scenes.
https://www.example.comhttps://origin.example.comThis record proves you control the domain, so we can issue your SSL certificate. Your real values appear on your Setup Status page after you add your domain. The values below are examples of what it looks like.
Example values Copy your real values from the Setup Status page — these are only to show the format.
After you add the record, there is nothing else to do. Flare53 checks for it automatically and issues the certificate. This usually takes minutes, sometimes up to a few hours if DNS is slow to update.
Once SSL is ready, point your website domain at Flare53. After the DNS change, open the public website and test several pages before continuing to origin protection.
Example values Your real target appears on the Setup Status page when it is safe to change.
Your setup is not fully protected while visitors can still open the origin address directly. Complete this step only after the public website works correctly through Flare53.
www.example.com → worksorigin.example.com → workswww.example.com → worksorigin.example.com → access deniedUse the rule provided on your Origin Protection page for cPanel, Apache, Nginx, IIS, or your application.
Send the provider message below and ask your host to apply the rule for you.
Keep the storage private and allow website files to be retrieved only through the Flare53 delivery path.
Most DNS providers want the short name (like www). Use the full name only if your provider asks for a full record name or FQDN.
DNS values are hostnames only. Do not include https:// in any DNS name or target.
Using example.com without www? Your DNS provider must support ALIAS, ANAME, or CNAME flattening. If not, start with www.
Open several public pages, images, forms, and login areas before applying the origin protection rule.
Your Setup Status page shows the exact records to copy, live progress, and what to do next.