Cloudflare Configuration
This guide walks you through configuring Cloudflare DNS and SSL correctly
for a panel and node setup.
Please follow each step in order.
Prerequisites
- If you did not do so far, please create an account on Cloudflare.
-
Important!
If you did not purchase a domain via Cloudflare, make sure you change your nameservers to the Cloudflare nameservers. These can be found in the DNS section under the Records tab.
More information about adding an existing domain to Cloudflare can be found on the Cloudflare documentation .
Create an A-record named "panel"
When you are sure your domain is correctly setup, go to the left navigation menu and find the DNS section.
Next, we are going to add an A-record to your desired domain.
This A-record will be used to host our pterodactyl panel website.
An A-record is used to connect a subdomain to an IP address of your choice.
This creates a name in front of your existing domain,
for example wiki.casper-rs.dev, pointing to your VPS or server.
This way, Cloudflare knows which subdomain is connected to which IP address.
The (proxy status) hides the IP address you entered when creating
the record.
Cloudflare routes traffic through their network and exposes
Cloudflare IPs instead of your server IP.
This makes your server less vulnerable to (D)DoS attacks.
When you leave it on DNS only (), your server's ip-address will be exposed and vulnerable for attacks.
Below is an example A-record. Make sure to replace <SERVER_IP> with your VPS's ip-address.
When you succesfully created this record, go on to step 2.
Type: A
Name: panel
IP: <SERVER_IP>
Proxy: Enabled (Orange Cloud)Create an A-record called "node"
Next up, we will create another A-record, which will be used to host our actual minecraft servers on.
This A-record will be used later in the documentation, where we will setup Pterodactyl Wings.
The A-record for wings should never be proxied through CloudFlare!
As stated in the previous step's information section,
when the record its proxied, a cloudflare ip-address will be used instead.
We cannot use a cloudflare ip to host our minecraft servers, because the cloudflare ip changes overtime.
So we leave this record on DNS only, so our minecraft servers use the actual server ip.
Make sure to never share this record or ip address!
Below is an example A-record. Make sure to replace <SERVER_IP> with your VPS's ip-address.
When you succesfully created this record, go on to step 3.
Type: A
Name: node
IP: <SERVER_IP>
Proxy: Disabled (Gray Cloud)Configure SSL / TLS Mode
Next up, go to the navigation bar on the left side again. Find the section called SSL/TLS.
Then click on "overview"
Change the encryption mode to Full.
This will break the panel website because SSL not being applied correctly!
Create Origin Certificate
Now, we will create a custom SSL certificate.
This is to make sure our Pterodactyl Panel website will have an encrypted connection for browers.
To do this, navigate to SSL/TLS → Origin Server in the same SSL/TLS section.
Then click on "create certificate"
Make sure everything looks like the same as the code below.
Make sure to replace yourdomain.com with your purchased domain name.
The information should be this by default, so you would only need to click on the button "create".
Key Type: RSA (2048)
HostName: panel.yourdomain.com
Validity: 15 years
After you created your certificate, a new page will open showing you 2 generated codes.
Make sure to save them for later, both are required for installing pterodactyl.
They cannot be retrieved later and are required for installation.