How to Clone Cloudflare Configuration (English)

Managing multiple websites can be tedious when you have to manually configure DNS records, Page Rules, and Security Settings for every new domain. This guide demonstrates how to use the Cloudflare API to clone an entire configuration from a source domain to a target domain in seconds.

1. API Token Preparation

To automate the process, you need a User API Token with the following permissions:

  • Go to: Cloudflare API Tokens -> Create Token.
  • Permissions:
    • Account - Account Settings - Read
    • Zone - Zone Settings - Edit
    • Zone - DNS - Edit
    • Zone - Page Rules - Edit
    • Zone - SSL and Certificates - Edit
    • Zone - Firewall Services - Edit
    • Zone - Zone WAF - Edit
    • Zone - Zone - Edit
  • Zone Resources: Select All zones from an account (allows reading from source and writing to target).

2. The Workflow (Hybrid Script)

We use a “hybrid” Python script that supports both direct file editing (for humans) and Command Line Arguments (CLI) for Bots/Automation.

Source Code

Download the sample script here: cloudflare_clone_script.py

Usage

Method 1: For Humans (Manual)

  1. Open the script file.
  2. Edit the DEFAULT_CONFIG section at the top.
  3. Fill in your Token and IDs.
  4. Run: python cloudflare_clone_script.py

Method 2: For Bots/Automation (CLI) No file editing needed. Just pass arguments:

python cloudflare_clone_script.py \
  --token "YOUR_TOKEN" \
  --source-id "SOURCE_ZONE_ID" \
  --dest-id "DEST_ZONE_ID" \
  --source-domain "old-site.com" \
  --dest-domain "new-site.com" \
  --ip "1.2.3.4"

What The Script Does

Step 1: Clone DNS Records

The script reads essential records from the source and recreates them on the target:

  • A Records: Point @ and www to the destination VPS IP (e.g., your_vps_ip).
  • MX/TXT Records: Automatically setup Email configurations (e.g., LarkSuite, Google Workspace).

Step 2: Clone Page Rules

This is the most valuable part. The script will:

  1. Fetch Page Rules from the source domain.
  2. Replace the old domain string with the new one.
  3. Push the modified rules to the new domain. Benefit: Preserves critical security rules like protecting wp-admin or caching static files without manual reentry.

Step 3: Sync Zone Settings

Apply standard security settings:

  • SSL/TLS: Flexible/Full.
  • Always Use HTTPS: ON.
  • Min TLS Version: 1.0 (or 1.2 for higher security).
  • Security Level: Medium.

3. The Result

With a single script execution, the new domain sensakai.com is ready to serve traffic with: ✅ Correct DNS records pointing to the new VPS. ✅ Security Page Rules identical to the source site. ✅ HTTPS enabled automatically.

This solution saves hours of manual work and ensures consistency across your entire web system.