Log in
Secure DNS infrastructure against online attacks, increase uptime, and ensure lightning-fast performance with a DNS firewall.
Learn moreGet DNS Firewall
What is a DNS firewall?
A DNS firewall offers security and performance improvements for DNS servers by acting as a protective tool sitting between a user's resolver and the authoritative nameserver.
DNS firewalls are equipped with rate-limiting capabilities to deter potential cyber attacks and ensure continuous service operation, even in cases of server downtime, by delivering DNS responses from cache.
Additionally, DNS firewalls bolster efficiency with faster DNS lookups and cost-effective bandwidth usage.
Learn more about DNS security
Benefits of DNS firewalls
Integrated security
DNS firewalls natively integrate with DDoS Mitigation and Rate Limiting for best-in-class protection — enabling you to automatically mitigate DDoS attacks and limit the number of queries-per-second that hits your DNS servers.
Increased availability
Even if your DNS servers are down, DNS firewalls can answer on your behalf by serving a stale answer from cache. That means your website will be available and traffic continues to flow, even when your origin nameservers are compromised.
Lightning-fast performance
A DNS firewall caches DNS responses at the network edge, ensuring that queries are resolved lightning-fast on every continent and in every major city regardless of origin server location.
Discover how to protect your business against DNS security and performance pitfalls
Read whitepaper
DNS Firewall use cases
Slide 1 of 3
Control what hits your network
With robust rate limiting capabilities, DNS firewalls shield your infrastructure from malicious and unwanted traffic. Rate limits are configurable over API, so you can easily configure them based on the health of your origin servers.
Automatically mitigate DDoS attacks
DDoS attacks on DNS infrastructure are becoming increasingly more common. A DNS firewall reroutes malicious traffic away from your origin nameservers and absorbs it across our global network. DNS firewalls also come with a dedicated automatic mitigation system that stops random prefix attacks.
Hide your origin IP from attackers
DNS firewalls mask the origin IP addresses of providers’ nameservers, keeping them safe from being targeted by attackers.
Control what hits your network
With robust rate limiting capabilities, DNS firewalls shield your infrastructure from malicious and unwanted traffic. Rate limits are configurable over API, so you can easily configure them based on the health of your origin servers.
Automatically mitigate DDoS attacks
DDoS attacks on DNS infrastructure are becoming increasingly more common. A DNS firewall reroutes malicious traffic away from your origin nameservers and absorbs it across our global network. DNS firewalls also come with a dedicated automatic mitigation system that stops random prefix attacks.
Hide your origin IP from attackers
DNS firewalls mask the origin IP addresses of providers’ nameservers, keeping them safe from being targeted by attackers.
Control what hits your network
With robust rate limiting capabilities, DNS firewalls shield your infrastructure from malicious and unwanted traffic. Rate limits are configurable over API, so you can easily configure them based on the health of your origin servers.
Automatically mitigate DDoS attacks
DDoS attacks on DNS infrastructure are becoming increasingly more common. A DNS firewall reroutes malicious traffic away from your origin nameservers and absorbs it across our global network. DNS firewalls also come with a dedicated automatic mitigation system that stops random prefix attacks.
Hide your origin IP from attackers
DNS firewalls mask the origin IP addresses of providers’ nameservers, keeping them safe from being targeted by attackers.
Related DNS Firewall case studies
FastMail
FastMail ensures that they never lose a message with Cloudflare protecting their DNS infrastructure.
Read case study
DigitalOcean
DigitalOcean answers 10,000 DNS queries every second. Cloudflare ensures their DNS infrastructure is protected.
Read case study
BigScoots
BigScoots and Cloudflare team up to counter 1 Tbps+ DDoS attacks, improve website performance and security, optimize Core web vitals and enhance the customer experience.
Read case study
Learn more about DNS firewalls
Whitepaper
Learn how to easily scale up DNS security.
Download whitepaper
Blog
Learn how to mitigate sophisticated DNS DDoS attacks.
Read blog post
Insight
The evolving DNS threat landscape
Read more
Article
What is DNS security?
Learn More
DNS Firewall FAQs
DNS Firewall FAQs
What is a DNS firewall?
What is the difference between a DNS firewall and a network firewall?
Getting Started
- Free plans
- For enterprises
- Compare plans
- Request a demo
- Contact sales
Resources
- Learning center
- Analyst reports
- Cloudflare Radar
- Cloudflare TV
- Case studies
- Webinars
- White Papers
- Developer docs
- Architecture Center
- theNET
- Blog
- Find an expert
Solutions
- Connectivity cloud
- SSE and SASE services
- Application services
- Network services
- Developer services
Community
- Community hub
- Project Galileo
- Athenian Project
- Cloudflare for Campaigns
- Critical Infrastructure Defense Project
Support
- Help center
- Cloudflare status
- Trust-hub
- Compliance
- GDPR
Company
- About Cloudflare
- Our team
- Investor relations
- Press
- Careers
- Impact/ESG
- Network map
- Become a partner
