This article brings together the most frequently asked questions about domain management on Rapyd Cloud. Whether you are setting up a custom domain for the first time, managing DNS records, or trying to understand how Cloudflare, caching, and security work on your site, you will find clear answers here.

Rapyd Cloud's domain infrastructure is built on Cloudflare. Every custom domain connected to a Rapyd site goes through Cloudflare in one form or another, and that setup unlocks enterprise-grade performance and security that most customers would otherwise have to pay separately for. Understanding how the pieces fit together will help you make the most of what is already included in your plan.

In this article, you will find answers covering connecting custom domains, DNS management, Cloudflare settings, CDN and caching, security and WAF, SSL, and common issues.

Yes. Cloudflare is a required part of all custom domain setups on Rapyd Cloud. Every domain connected to a Rapyd site must go through Cloudflare in one form or another. Customers who do not have an existing Cloudflare account do not need to create one: Rapyd can provision an internal account automatically.

There are three ways to connect a custom domain:

For full setup instructions, see How to Connect Your Custom Domain to a Rapyd Cloud Website.

For most customers, the Cloudflare Nameservers method is the right choice. It is the simplest to set up and gives you the full Rapyd enterprise Cloudflare stack. If you already have a Cloudflare account, the API Rapyd-managed option gives you the same features without losing your existing account. The self-managed option is the exception, not the rule: only use it if you have a complex, pre-existing Cloudflare setup with custom WAF rules or page rules that cannot be replaced by Rapyd's defaults.

No. If you do not already have one, Rapyd creates an internal Cloudflare account on your behalf. You manage your domain entirely through the Rapyd dashboard and never need to interact with Cloudflare directly.

No. Rapyd does not create a Cloudflare Enterprise account for you. What you get is access to a curated set of enterprise-grade Cloudflare features delivered through Rapyd's own Cloudflare infrastructure. You benefit from enterprise-level performance and security settings without needing your own Enterprise account.

Yes. You can connect multiple domains to a single Rapyd site. Only the primary domain receives the full Rapyd enterprise Cloudflare stack. Additional domains still require Cloudflare connection but receive standard Cloudflare free-tier-equivalent features.

No. Each unique domain can only be connected to one Rapyd site at a time. Separate subdomains can be connected to different sites.

Yes, but it requires assistance from the support team. Contact support to facilitate a method switch. Depending on how it is planned, there may be brief downtime during the transition.

Not currently. If you want to point a subdomain (for example, blog.yourdomain.com) to a Rapyd site, the apex domain (yourdomain.com) must first be connected through Rapyd's Cloudflare integration. Subdomain-only setup is a known limitation with a workaround in development.

This depends on your connection method:

Yes. Keep in mind that reconnecting a domain may cause brief downtime if the process is not planned carefully, particularly if nameserver propagation is involved.

When using the Cloudflare API method, changes are typically applied almost instantly. For the nameserver method, propagation usually takes a few minutes to a few hours and can take up to 24 hours in rare cases.

Your domain has been added in the Rapyd dashboard but the DNS connection has not been confirmed yet. If you are using the nameserver method, check that you have updated your nameservers correctly at your domain registrar. If you are using the API method, confirm your API token is still valid in your Cloudflare account. Use What's My DNS to check propagation progress. If the status has not changed after 24 hours, contact support.

An "Expired" status usually means the setup timed out before DNS was validated, or there is an issue with your domain's registration. Re-initiating the domain setup from the dashboard will often resolve this. If your domain registration has actually lapsed, you will need to renew it with your registrar first. Contact support if the issue persists.

This appears when you try to add a subdomain (for example, blog.yourdomain.com) before the parent domain (yourdomain.com) has been connected and verified. Add and complete the setup for the parent domain first, then add the subdomain.

Start by confirming that your domain status in the dashboard shows as Active. If you used the nameserver method, verify that both nameservers were entered correctly at your registrar and that propagation is complete using What's My DNS. If you used the API method, confirm your token has not been revoked. If everything appears correct but the site is still not loading, contact support.

When you connect a domain, Rapyd creates and manages the following records:

Rapyd will also remove any existing A, AAAA, and CNAME records associated with your primary domain during setup.

You should not. Modifying or deleting Rapyd-managed records can break your site and prevent visitors from accessing it. If you believe a Rapyd-managed record needs to be changed, contact support.

Yes. All standard DNS record types supported by Cloudflare are available, including A, CNAME, MX, and TXT. MX records for email and TXT records for third-party verification services (Google, Microsoft, and others) are fully supported and can be added through the DNS management section of your dashboard.

This is expected and correct. Primary domain records do not need to be proxied in the traditional Cloudflare sense because they are proxied internally through Rapyd's Cloudflare configuration. Do not change the proxy status of Rapyd-managed records.

Technically yes, but we recommend avoiding this. All DNS changes should go through the Rapyd dashboard to avoid conflicts with Rapyd-managed records and configuration.

The limit is 200 records per domain by default. If you are on the API method with own Cloudflare account, you can upgrade the specific domain to a Pro or Business plan within Cloudflare to raise the limit to 3,500 records for that domain. Domains on a free Cloudflare account created before September 1st, 2024 may have an existing legacy limit of 1,000 records.

It depends on how your domain was previously set up:

This is typically caused by MX or related email authentication records (DKIM, DMARC, SPF) not being present or having been disrupted during the domain connection process. Check your DNS records in the Rapyd dashboard and add or restore any missing MX records using the values from your email provider. If you are unsure which records are needed or cannot identify the issue, contact support.

Yes. See How to Import a DNS Zone File for instructions, including format requirements and supported record types.

Rapyd extends a predefined set of enterprise-grade Cloudflare settings to all primary domains it manages. This includes tiered caching, full-page WordPress caching, image optimization, WAF rulesets, and DDoS protection. These are configurations not available on standard Cloudflare free or Pro accounts. You benefit from this automatically when Rapyd manages your Cloudflare settings.

All primary domains managed by Rapyd, whether connected via nameserver or API Rapyd-managed, receive the following:

These features are not available when using the self-managed API option.

Tiered Cache reduces the number of requests that reach your origin server by checking intermediate cache layers first. The request hierarchy works like this: edge cache, then regional cache, then a continent-level tier 1 cache, and finally your origin server. Most requests are served from a location geographically close to your visitor without ever touching the origin. This is a fully managed feature: you cannot configure or disable it.

Rapyd's Cloudflare integration includes WordPress-aware cache rules. Pages served to logged-out visitors are automatically cached in full at the Cloudflare edge. Key paths like /wp-admin, /wp-login, and /wp-json are automatically excluded. Additional exclusions can be configured through the LiteSpeed Cache plugin in your WordPress admin, and Cloudflare will respect those settings through the LSCache integration.

Yes. Polish lossless image optimization, including dynamic WebP conversion, is active on all primary domains managed by Rapyd. No configuration is required.

The following settings are available in the Cloudflare tab in site management:

If you are on the API method, an additional setting at the top of this tab controls whether Rapyd or your own Cloudflare account manages the domain's configuration.

XML-RPC is a protocol that allows external systems to communicate with WordPress remotely. It is also a common attack vector for brute force login attempts and pingback abuse. Rapyd blocks XML-RPC by default at the Cloudflare edge as a security measure. You should leave it blocked unless you have a specific plugin or integration that requires it. If you need XML-RPC enabled, you can toggle this in the Cloudflare tab in site management. Contact support if you need assistance.

Not as a self-serve feature. Cache configuration is available through the options in the Rapyd dashboard. Custom TTLs, cache rules, and cache bypasses are not currently available to configure directly. For specific needs, contact support for escalation.

Yes. Cache purging is available from the cache settings in the Rapyd dashboard.

No. You do not need to add an API key or configure anything in the CDN section of the LiteSpeed Cache plugin. Cloudflare cache is managed entirely from the Rapyd dashboard. Settings in the LiteSpeed Cache CDN section in your WordPress admin will have no effect and should be left alone.

Custom page rules are not currently supported in the Rapyd Cloudflare integration. The one built-in redirect option is www-to-non-www (and vice versa), which can be managed from the Site Domain Management tab in the dashboard. If you need custom redirects, contact support. These are handled on a case-by-case basis.

If you connect via the API method and choose Managed by Rapyd Cloud, Rapyd's configuration will override your existing primary domain settings. Your custom page rules and WAF rules for that domain will no longer be active. If you need to preserve your existing setup, use the self-managed option instead. Note that the self-managed option means you give up all Rapyd enterprise Cloudflare features in exchange for full control of your own configuration.

Often no. Rapyd's integration covers CDN, WAF, and caching at an enterprise level, which covers what most customers pay Cloudflare for. You should keep your paid Cloudflare plan if you have more than 200 DNS records on the domain, or if you use other Cloudflare products such as R2, Streaming, or Images that Rapyd does not manage.

All primary domains managed by Rapyd have four active WAF rulesets:

These are active automatically and do not require any configuration on your part.

Not through the Rapyd dashboard. If you have specific WAF requirements, contact support for escalation to the Cloudflare team. If you need full WAF control, the self-managed API option is the appropriate path, though this means giving up Rapyd's managed security configuration.

Country and IP blocking are not currently available as self-serve features in the Rapyd dashboard. Contact support to request this, and it will be escalated to the Cloudflare team.

Contact support immediately. An "I'm Under Attack" mode is not available directly in the dashboard, but the Cloudflare team can implement elevated protection quickly when escalated through support.

This is a WAF false positive. Contact support and the Cloudflare team will investigate and resolve it.

WAF activity logs are not currently available as a self-serve dashboard feature. If you need visibility into blocked requests or WAF activity, contact support.

Yes. Cloudflare automatically deploys SSL certificates for all primary domains when they are connected. No configuration is required.

Rapyd uses Cloudflare-issued DV (Domain Validated) certificates for edge SSL, and Cloudflare-issued certificates for the server CA layer as well. SSL covers both the www and non-www versions of your domain.

Custom SSL certificate upload is not currently supported.

This article covers the most common questions about domains, DNS, Cloudflare, CDN, caching, and security on Rapyd Cloud. If you have a question that is not answered here, or if you run into an issue that needs hands-on attention, our support team is available 24/7.