If you run websites on a server, two things quietly decide whether your day is calm or chaotic: DNS and SSL. Get them wrong and visitors see security warnings, mail bounces, or the site simply does not load. Get them right and you never think about them again.
Panelica is built around that second outcome. It is a modern server management panel - a genuine cPanel alternative for people who want a clean, fast control panel without legacy licensing - and one of the places this shows most clearly is the Cloudflare page. This article is a full, honest walkthrough of that page: every tab, every button, what it does, and why we recommend turning it on the moment you finish a clean install.
Where to find it
Inside Panelica the page lives under Domains → Cloudflare. It is organised into seven tabs. Here is the whole page at a glance:
We will go through each tab in the order you would naturally use them. First, connecting your account.
1. Settings - connecting your Cloudflare account
The Settings tab is where everything begins. Panelica does not store your Cloudflare password - it connects through your Cloudflare email address and a Global API Key (or a scoped API token), which Cloudflare provides exactly for tools like this.
The tab even includes a short, built-in guide showing where to find that key inside your Cloudflare dashboard, so you do not have to go hunting. You add the account through a simple dialog:
The Test button verifies the credentials with Cloudflare before you save anything - so you find out immediately if a key was pasted wrong, rather than discovering it later when a certificate fails.
A few things make this tab more capable than it first appears:
- Multiple accounts. Agencies and resellers often manage clients across several Cloudflare accounts. You can add as many as you need, mark one as the default, and Panelica keeps every zone correctly mapped to the account that owns it.
- Account health at a glance. Each connected account shows a green tick when its key is valid, or a red mark when Cloudflare rejects it - so an expired key never becomes a silent mystery.
- Default record behaviour. You decide whether new DNS records are created Proxied (traffic routed through Cloudflare) or DNS only, and what default TTL they use. Set it once; every new record follows the rule.
2. Zones - all your domains in one list
A zone is Cloudflare's word for a domain. The Zones tab pulls every domain from every connected account into a single, searchable list, topped by a row of summary cards:
The clever part is the small square P badge next to certain domains. Panelica knows which Cloudflare zones are also hosted on this server, and it checks whether their DNS actually points back here:
That red badge is the kind of problem that, on most panels, you only discover when a customer emails to say their site is down after a migration. Panelica surfaces it before anyone notices.
Click any domain to expand it and you see the full picture without leaving the page:
- Cloudflare plan, security level, and current SSL mode
- The nameservers Cloudflare expects - each one copy-to-clipboard, with a clear warning highlighted in amber if the zone is still pending activation
- Development mode status and whether the zone is a full setup or a partial CNAME setup
- Shortcuts straight to DNS management or Quick Actions for that domain
You can also create a new zone directly here (with Cloudflare's "jump start" option that auto-imports existing DNS records), delete a zone (protected by a type-the-name confirmation), and - the real time-saver - bulk sync. Tick several domains, or use "select all Panelica domains", and point every one of them at your server IP in a single action. Migrating twenty sites to a new server becomes one click instead of twenty trips through the Cloudflare dashboard.
3. DNS Management - a full DNS editor
The DNS Management tab is a complete DNS record editor. Pick a zone and you get a clean table of every record, with search and a type filter. Panelica supports all the record types you actually need:
The add/edit form is context-aware: choose MX and a priority field appears; choose SRV and you get service, protocol, weight, port, and target fields; choose CAA and you get the proper tag and flag selectors. You are never left guessing what to type.
Every A, AAAA, and CNAME record has a proxy toggle - the famous orange cloud. Click it and the record switches between routing through Cloudflare (orange, protected and cached) and DNS-only (grey, direct to your server). No form, no save - just click the cloud.
There is also a feature most panels do not have: DNS drift detection. Panelica knows what a record should be based on the domain it hosts. If someone edits a record directly in the Cloudflare dashboard and it no longer matches, the row is highlighted in amber with a "DNS drift detected" warning, and it shows you the value Panelica expected. Your panel and your DNS provider can never quietly fall out of sync.
Need to clean up? Select multiple records and bulk-delete them, with a live progress counter as it works. Records that Cloudflare locks (its own system records) are automatically excluded so you cannot break the zone by accident.
4. Quick Actions - the everyday automation
If you only learn one tab, learn this one. Quick Actions turns the jobs that normally take ten dashboard clicks into single buttons. Pick a domain from the dropdown and you get a grid of action cards:
| Action | What it does |
|---|---|
| Sync Panelica IP | Updates the domain's root A record to point at this server - and then automatically syncs mail records too. |
| Sync Mail DNS | Creates or corrects MX, mail A, SPF, DKIM, and DMARC records in one click - the records that decide whether your email lands in the inbox or in spam. |
| Purge Cache | Clears all of Cloudflare's cached files so visitors see your latest changes immediately. |
| Development Mode | Bypasses the cache for three hours while you work on a site, then turns itself back off. |
| Under Attack Mode | Puts a short challenge in front of every visitor - the emergency switch for an active DDoS attack. |
| SSL Mode | Switches the Cloudflare edge encryption mode between Flexible, Full, and Full (Strict). |
| HTTPS Redirect | Forces every visitor onto HTTPS automatically. |
The Sync Mail DNS card deserves a closer look, because email DNS is where most self-hosting goes wrong. After it runs, Panelica shows you a precise per-record result:
Created, updated, or unchanged - for every record. No silent failures. And because the panel does this from the mail server's own configuration, the DKIM key always matches what the server actually signs with. This is the difference between "I set up email" and "email actually works".
Every action you take is written to a recent activity log at the bottom of the tab, so there is always a clear record of what changed, when, and whether it succeeded.
5. Firewall - blocking bad traffic without a console
The Firewall tab manages Cloudflare's WAF (Web Application Firewall) custom rules. Cloudflare's own rule language is powerful but intimidating, so Panelica gives you two ways to build a rule.
Simple mode is point-and-click. Choose a field, an operator, and a value:
(ip.geoip.country in {"CN" "RU"})
You can match on IP address, country, URI path, user agent, AS number, hostname, or HTTP method - and Panelica shows you the exact expression it builds, so you learn the syntax as you go. Advanced mode hands you the raw expression editor for anything more complex.
For each rule you pick an action - Block, Managed Challenge, Interactive Challenge (CAPTCHA), JS Challenge, Allow, Log, or Skip - each described in plain language so you choose the right one. Rules can be enabled or disabled with a switch, so you can keep a rule ready and flip it on only when you need it.
6. Page Rules - per-URL behaviour
The Page Rules tab lets you change Cloudflare's behaviour for specific URL patterns - for example, "cache everything under /static/*" or "always redirect the old blog path to the new one". You define a URL pattern, set a priority, and attach one or more actions: forwarding URL (301 or 302), cache level, browser cache TTL, SSL mode, security level, Rocket Loader, and more.
7. Analytics - traffic and threats, visualised
The Analytics tab brings Cloudflare's edge data into the panel. Choose a domain and a time range - last 24 hours, 7 days, or 30 days - and you get four headline cards:
Below the cards are real charts: requests over time, a bandwidth breakdown that splits cached versus uncached traffic (so you can see exactly how much Cloudflare is saving you), a response-status distribution of 2xx/3xx/4xx/5xx codes, and a top-countries table. If threats were blocked in the period, a clear banner tells you how many. It is enough to answer "is my site healthy?" without ever opening the Cloudflare dashboard.
The headline feature: Auto SSL and the 15-year certificate
Everything above is useful. This part is the reason we tell you to connect Cloudflare on day one.
Panelica has a one-click Auto SSL feature. You press a single button on a domain, and the panel figures out the best possible way to secure it. It does not ask you to understand challenge types or certificate authorities - it inspects the domain and decides:
It goes further. Auto SSL can issue a true wildcard certificate for every subdomain at once, or a single SAN certificate covering the parent domain, www, and every active subdomain together - which is gentler on Let's Encrypt rate limits than issuing dozens of separate certificates. And the whole process returns a plain-language decision log so you can see exactly why each choice was made:
Why does a 15-year certificate matter so much? Because the single most common cause of "the website suddenly shows a security warning" is an expired certificate that failed to renew. A Cloudflare Origin Certificate removes that failure mode entirely for proxied domains. You issue it once and forget it - for longer than most servers stay in service.
How this compares
People evaluating Panelica almost always arrive looking for a cPanel alternative or a Plesk alternative. Here is an honest comparison of how Cloudflare is handled in practice:
| Capability | Typical cPanel / Plesk approach | Panelica |
|---|---|---|
| Cloudflare integration | A separate plugin or extension, often partner-locked | Built into the panel, all accounts |
| Mail DNS (SPF/DKIM/DMARC) | Manual, copy-paste from records pages | One-click sync with per-record result |
| SSL behind Cloudflare proxy | Often fails - HTTP validation hits the proxy | Auto-detected, switches to DNS-01 or Origin cert |
| Certificate lifetime | 90 days, renewal can silently fail | Up to ~15 years for proxied domains |
| DNS drift detection | Not available | Built in, highlights mismatches |
| Multi-account / reseller use | Usually one account per server | Unlimited accounts, per-zone mapping |
Whether you are a hosting reseller juggling client accounts, a developer running a single VPS, an agency that just wants sites to stay online, or someone running a home lab for the fun of it - the goal is the same: spend your time on the websites, not on the plumbing underneath them.
In summary
The Cloudflare page in Panelica is seven tabs that add up to one idea: your control panel and your DNS provider should be the same workflow. Connect your account in Settings, see every domain in Zones, edit records in DNS Management, run everyday jobs in Quick Actions, defend sites in Firewall, fine-tune URLs in Page Rules, and watch traffic in Analytics - and on top of all of it, get a 15-year SSL certificate from a single button.
If you take one thing away: finish your clean install, open Domains → Cloudflare, and connect your account before you do anything else. Five minutes there saves you from the certificate warnings, the mail-in-spam puzzles, and the "why is this site pointing at the old server" mysteries for as long as you run the box.