Secure MCP server for Cloudflare DNS, Transform Rules, and Page Rules
Project description
MCP Cloudflare CrunchTools
A secure MCP (Model Context Protocol) server for Cloudflare DNS, Transform Rules, Page Rules, and cache management.
Overview
This MCP server is designed to be:
- Secure by default - Comprehensive threat modeling, input validation, and token protection
- No third-party services - Runs locally via stdio, so your API token never leaves your machine
- Cross-platform - Works on Linux, macOS, and Windows
- Automatically updated - GitHub Actions monitor for CVEs and update dependencies
- Containerized - Available at quay.io/crunchtools/mcp-cloudflare, built on the Hummingbird Python base image
Naming Convention
| Component | Name |
|---|---|
| GitHub repo | crunchtools/mcp-cloudflare |
| Container | quay.io/crunchtools/mcp-cloudflare |
| Python package (PyPI) | mcp-cloudflare-crunchtools |
| CLI command | mcp-cloudflare-crunchtools |
| Module import | mcp_cloudflare_crunchtools |
Why Hummingbird?
The container image is built on the Hummingbird Python base image, which provides:
- Minimal CVE exposure - Hummingbird images are built with a minimal package set, dramatically reducing the attack surface compared to general-purpose images
- Red Hat UBI foundation - Built on Red Hat Universal Base Image, providing enterprise-grade security, compliance, and support
- Regular updates - Security patches are applied promptly, keeping CVE counts low
- Optimized for Python - Pre-configured Python environment with uv package manager for fast, reproducible builds
- Production-ready - Designed for production workloads with proper signal handling and non-root user defaults
This combination means your MCP server runs in a hardened environment with fewer vulnerabilities than typical Python container images.
Features
Zone Management (2 tools)
- list_zones - List all zones accessible by your API token
- get_zone - Get zone details by ID or domain name
DNS Records (5 tools)
- list_dns_records - List DNS records with filtering
- get_dns_record - Get a single DNS record
- create_dns_record - Create A, AAAA, CNAME, MX, TXT, NS, SRV, CAA records
- update_dns_record - Update existing records
- delete_dns_record - Delete records
Transform Rules (6 tools)
- list_request_header_rules / set_request_header_rules - Modify request headers
- list_response_header_rules / set_response_header_rules - Modify response headers
- list_url_rewrite_rules / set_url_rewrite_rules - URL path/query rewrites
Page Rules (4 tools)
- list_page_rules - List all page rules
- create_page_rule - Create redirects, cache settings, SSL modes
- update_page_rule - Modify existing rules
- delete_page_rule - Remove rules
Cache Management (1 tool)
- purge_cache - Purge by URL, tag, host, prefix, or everything
Installation
With uvx (Recommended)
uvx mcp-cloudflare-crunchtools
With pip
pip install mcp-cloudflare-crunchtools
With Container
podman run -e CLOUDFLARE_API_TOKEN=your_token \
quay.io/crunchtools/mcp-cloudflare
Configuration
Creating a Cloudflare API Token
- Navigate to API Tokens
  - Go to https://dash.cloudflare.com/profile/api-tokens
  - Click "Create Token"
  - Click "Get started" next to "Create Custom Token"
- Configure Token Name
  - Enter: mcp-cloudflare-crunchtools
- Configure Permissions
  - The Permissions section has three dropdowns per row:
    - First dropdown: Resource type (Account or Zone)
    - Second dropdown: Specific permission category
    - Third dropdown: Access level (Read or Edit)
  - Click "+ Add more" to add each permission row. For full management, add:

| Resource | Permission | Access |
|---|---|---|
| Zone | Zone | Read |
| Zone | DNS | Edit |
| Zone | Page Rules | Edit |
| Zone | Transform Rules | Edit |
| Zone | Cache Purge | Purge |

- Configure Zone Resources
  - First dropdown: Select "Include"
  - Second dropdown: Select "All zones" or "Specific zone"
- Configure Client IP Address Filtering (Optional)
  - Click "Use my IP" button to restrict token to your current IP
- Create and Copy Token
  - Click "Continue to summary" → "Create Token"
  - IMPORTANT: Copy the token immediately - it's only shown once!
Add to Claude Code
claude mcp add mcp-cloudflare-crunchtools \
--env CLOUDFLARE_API_TOKEN=your_token_here \
-- uvx mcp-cloudflare-crunchtools
Or for the container version:
claude mcp add mcp-cloudflare-crunchtools \
--env CLOUDFLARE_API_TOKEN=your_token_here \
-- podman run -i --rm -e CLOUDFLARE_API_TOKEN quay.io/crunchtools/mcp-cloudflare
Permission Sets by Use Case
Read-Only (viewing only)
| Resource | Permission | Access |
|---|---|---|
| Zone | Zone | Read |
| Zone | DNS | Read |
DNS Management Only
| Resource | Permission | Access |
|---|---|---|
| Zone | Zone | Read |
| Zone | DNS | Edit |
Full Management (all features)
| Resource | Permission | Access |
|---|---|---|
| Zone | Zone | Read |
| Zone | DNS | Edit |
| Zone | Page Rules | Edit |
| Zone | Transform Rules | Edit |
| Zone | Cache Purge | Purge |
Usage Examples
List Your Zones
User: List my Cloudflare zones
Assistant: [calls list_zones]
Create a DNS Record
User: Create an A record for www.example.com pointing to 192.168.1.1
Assistant: [calls create_dns_record with type=A, name=www, content=192.168.1.1]
Add Security Headers
User: Add X-Content-Type-Options: nosniff to all responses for zone abc123...
Assistant: [calls set_response_header_rules with appropriate rule]
Purge Cache
User: Purge the cache for https://example.com/styles.css
Assistant: [calls purge_cache with files=["https://example.com/styles.css"]]
Security
This server was designed with security as a primary concern. See SECURITY.md for:
- Threat model and attack vectors
- Defense in depth architecture
- Token handling best practices
- Input validation rules
- Audit logging
Key Security Features
- Token Protection
  - Stored as SecretStr (never accidentally logged)
  - Environment variable only (never in files or args)
  - Sanitized from all error messages
- Input Validation
  - Pydantic models for all inputs
  - Allowlist for record types, actions
  - Strict format validation for IDs
- API Hardening
  - Hardcoded API base URL (prevents SSRF)
  - TLS certificate validation
  - Request timeouts
  - Response size limits
- Automated CVE Scanning
  - GitHub Actions scan dependencies weekly
  - Automatic PRs for security updates
  - Dependabot alerts enabled
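The four hardening patterns listed above (a secret wrapper that never prints the token, allowlist validation of tool inputs, a hardcoded API base that tool arguments cannot escape, and a response size cap), shown together as an added, self-contained example. This is not the project's code: the README says the server uses Pydantic models and SecretStr, whereas this block uses only the Python standard library so it runs without dependencies. The concrete rules are assumptions made for illustration: the 32-hex-character id format, the hostname regex, the 2048-character content limit, the 1 MB response cap, the 30-second timeout, and the use of https://api.cloudflare.com/client/v4/ as the fixed base. The create_dns_record call from the Usage Examples (type=A, name=www, content=192.168.1.1) is used as the sample input.

```python
"""Added example of the hardening patterns in the README's Key Security Features.
Not the project's code; every limit and regex below is an illustrative assumption."""
import ipaddress
import re
from dataclasses import dataclass
from typing import Mapping
from urllib.parse import urljoin, urlsplit

# Hardcoded base URL: tools pass only a relative path, never a host, so a crafted
# argument cannot steer a request to another server (SSRF). Assumed base for this example.
API_BASE = "https://api.cloudflare.com/client/v4/"
REQUEST_TIMEOUT_S = 30.0        # assumed timeout handed to the HTTP client
MAX_RESPONSE_BYTES = 1_000_000  # assumed cap on response body size

# Allowlist (not a denylist) of record types the create tool will accept.
ALLOWED_RECORD_TYPES = frozenset({"A", "AAAA", "CNAME", "MX", "TXT", "NS", "SRV", "CAA"})
ID_RE = re.compile(r"^[0-9a-f]{32}$")  # assumption: zone/record ids are 32 lowercase hex chars
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(@|[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?"
    r"(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*)$"
)


class SecretToken:
    """Holds the API token but never reveals it through str(), repr() or logging."""
    __slots__ = ("_value",)

    def __init__(self, value: str) -> None:
        if not value or value != value.strip():
            raise ValueError("token must be non-empty with no surrounding whitespace")
        self._value = value

    def get_secret_value(self) -> str:
        return self._value

    def __repr__(self) -> str:
        return "SecretToken('**********')"

    __str__ = __repr__


def load_token(env: Mapping[str, str]) -> SecretToken:
    """Read the token from the environment only (never from files or CLI args)."""
    try:
        return SecretToken(env["CLOUDFLARE_API_TOKEN"])
    except KeyError:
        raise RuntimeError("CLOUDFLARE_API_TOKEN is not set") from None


def redact(text: str, token: SecretToken) -> str:
    """Strip the token from any message before it reaches a log or the model."""
    return text.replace(token.get_secret_value(), "[REDACTED]")


def validate_id(value: str, field: str) -> str:
    """Strict format check for Cloudflare-style identifiers (assumed 32 hex chars)."""
    if not ID_RE.fullmatch(value):
        raise ValueError(f"{field} must be a 32-character lowercase hex id")
    return value


@dataclass(frozen=True)
class DnsRecord:
    """Validated input for a create_dns_record call; construction fails on bad input."""
    zone_id: str
    type: str
    name: str
    content: str

    def __post_init__(self) -> None:
        validate_id(self.zone_id, "zone_id")
        if self.type not in ALLOWED_RECORD_TYPES:
            raise ValueError(f"record type {self.type!r} is not allowed")
        if not HOSTNAME_RE.fullmatch(self.name.lower()):
            raise ValueError("name is not a valid hostname")
        if self.type == "A":
            ipaddress.IPv4Address(self.content)   # raises ValueError if not IPv4
        elif self.type == "AAAA":
            ipaddress.IPv6Address(self.content)   # raises ValueError if not IPv6
        elif self.type in {"CNAME", "NS", "MX"}:
            if not HOSTNAME_RE.fullmatch(self.content.lower()):
                raise ValueError(f"{self.type} content must be a hostname")
        elif not self.content or len(self.content) > 2048 or not self.content.isprintable():
            raise ValueError("content must be printable and at most 2048 characters")


def api_url(path: str) -> str:
    """Join a relative API path to the fixed base and verify it stayed under it."""
    if "://" in path or path.startswith("//") or ".." in path.split("/"):
        raise ValueError("path must be relative to the API base")
    url = urljoin(API_BASE, path.lstrip("/"))
    if not url.startswith(API_BASE) or urlsplit(url).netloc != "api.cloudflare.com":
        raise ValueError("path escaped the API base")
    return url


def check_response_size(headers: Mapping[str, str], body: bytes) -> bytes:
    """Reject oversized responses: first by declared Content-Length, then by actual bytes."""
    declared = headers.get("Content-Length")
    if declared is not None and int(declared) > MAX_RESPONSE_BYTES:
        raise ValueError("response too large (declared)")
    if len(body) > MAX_RESPONSE_BYTES:
        raise ValueError("response too large (actual)")
    return body
```

Each check fails closed: an unknown record type, a malformed id, a non-IP address for an A record, an absolute URL or `..` segment in a path, or an oversized body all raise before any request is built, and the only way to read the token is an explicit `get_secret_value()` call, so accidental `print(token)` or f-string interpolation in an error path cannot leak it.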
Development
Setup
git clone https://github.com/crunchtools/mcp-cloudflare.git
cd mcp-cloudflare
uv sync
Run Tests
uv run pytest
Lint and Type Check
uv run ruff check src tests
uv run mypy src
Build Container
podman build -t mcp-cloudflare .
License
Apache-2.0
Contributing
Contributions welcome! Please read SECURITY.md before submitting security-related changes.
File details
Details for the file mcp_cloudflare_crunchtools-0.1.0.tar.gz.
File metadata
- Download URL: mcp_cloudflare_crunchtools-0.1.0.tar.gz
- Upload date:
- Size: 25.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | b2fff64850eb39de978c5f4605f57dc5372ec3de84ff5310661afec00d7fb124 |
| MD5 | f3b17d45e88d8d179211d0253a7a7dcd |
| BLAKE2b-256 | f997c843614b4d37f23fdad4cdbb5103a262488a2979235dba1ee96262b09ddb |
Provenance
The following attestation bundles were made for mcp_cloudflare_crunchtools-0.1.0.tar.gz:
- Publisher: publish.yml on crunchtools/mcp-cloudflare
- Statement:
  - Statement type: https://in-toto.io/Statement/v1
  - Predicate type: https://docs.pypi.org/attestations/publish/v1
  - Subject name: mcp_cloudflare_crunchtools-0.1.0.tar.gz
  - Subject digest: b2fff64850eb39de978c5f4605f57dc5372ec3de84ff5310661afec00d7fb124
  - Sigstore transparency entry: 953058444
  - Sigstore integration time:
- Permalink: crunchtools/mcp-cloudflare@7902bda45b1970d70cf02974fdef889de9510478
- Branch / Tag: refs/heads/main
- Owner: https://github.com/crunchtools
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: publish.yml@7902bda45b1970d70cf02974fdef889de9510478
- Trigger Event: workflow_dispatch
File details
Details for the file mcp_cloudflare_crunchtools-0.1.0-py3-none-any.whl.
File metadata
- Download URL: mcp_cloudflare_crunchtools-0.1.0-py3-none-any.whl
- Upload date:
- Size: 21.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 49b57af402c831210e2921b7c210ca14f70442157b08c66f1670db94a83f8f55 |
| MD5 | 49b42d56e2f16527198fd050e2cbdfa4 |
| BLAKE2b-256 | 183676e951726fa7041d6573f62a9c93fcb51694fb60bcaaf55d1c8a9d2ba46c |
Provenance
The following attestation bundles were made for mcp_cloudflare_crunchtools-0.1.0-py3-none-any.whl:
- Publisher: publish.yml on crunchtools/mcp-cloudflare
- Statement:
  - Statement type: https://in-toto.io/Statement/v1
  - Predicate type: https://docs.pypi.org/attestations/publish/v1
  - Subject name: mcp_cloudflare_crunchtools-0.1.0-py3-none-any.whl
  - Subject digest: 49b57af402c831210e2921b7c210ca14f70442157b08c66f1670db94a83f8f55
  - Sigstore transparency entry: 953058456
  - Sigstore integration time:
- Permalink: crunchtools/mcp-cloudflare@7902bda45b1970d70cf02974fdef889de9510478
- Branch / Tag: refs/heads/main
- Owner: https://github.com/crunchtools
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: publish.yml@7902bda45b1970d70cf02974fdef889de9510478
- Trigger Event: workflow_dispatch