Cloudflare Security Audit

Prepared for your agency.

A read-only review of your Cloudflare account against the Fend security baseline — the same standard we apply to every site under our care.

The audit runs in your browser. It scans every zone in your Cloudflare account in about a minute and produces a slide deck per zone showing where each site stands. Nothing is changed; this is a check, not a fix.

Step 1 of 1

Connect your Cloudflare account

Paste a read-only API token below. The audit reads zones and settings; it cannot make changes.

Cloudflare API token

Step-by-step

In your Cloudflare dashboard, click your profile icon (top right) and choose My Profile.
Open the API Tokens tab.
Click Create Token, then Custom Token → Get started.
Name it something like Fend audit – temporary.
Add the permissions below (all Read).
Under Zone Resources, choose Include — All zones from an account and pick the account you want audited.
Continue to summary, create the token, copy it, paste it here.

Required permissions (all Read)

DNS & Zones

Zone
Zone Settings
DNS

App Security

Zone WAF Rules
Bot Management (only on plans that include it; optional)

Rules & Configuration

Zone Transform Rules

Cache & Performance

Cache Settings

After the audit

You can revoke the token any time from the same API Tokens page (three dots → Delete). Short-lived tokens are always safer than long-lived ones.

Your token never leaves your browser permanently. It passes through our proxy in memory only and is never logged, stored, or processed. View the proxy source code →

Something went wrong

Running

Verifying token…

Could not load audit data

The deck needs audit-result.json in the same folder.

If you opened this file directly from your computer (file://), most browsers block local fetch. Either run a local server, or upload the JSON below.

Upload audit-result.json