DNS records: initial setup and review guidance (#18582)

* Create new page and adjust order

* Move scan intro to new doc and focus create-dns-records on procedures

* Add explanation and examples of zone apex

* Fix typo and fill in where to point zone apex records

* Remove provider-specific placeholder

* Touch up zone apex record section

* Add section for subdomain records

* Add section for email records with examples

* Intro paragraphs about SSL/TLS certificates and domain coverage

* Move link to ref dns-record-types higher in index.mdx

* Move new content on common records to partial dns-scan-procedure

* Add intro to create-zone-apex and simplify zone apex explanation

* Additional context about www on create-subdomain-record intro

* Text tweaks and add note to linking to #review-dns-records

* More context and point to troubleshooting from email-records intro

* Delete new page and replace link

* Apply suggestion from code review

Co-authored-by: Jun Lee <[email protected]>

---------

Co-authored-by: Jun Lee <[email protected]>

src/content/docs/dns/get-started.mdx

@@ -11,9 +11,15 @@ head:
 
 import { GlossaryDefinition, Render } from "~/components";
 
-You can use Cloudflare DNS with a variety of [setups](/dns/zone-setups/). For an overview of what these setups are and if you are not yet familiar with specific DNS terminology, refer to [Concepts](/dns/concepts/).
+You can use Cloudflare DNS with a variety of [setups](/dns/zone-setups/). For an overview of what these setups are and an introduction to specific DNS terminology, refer to [Concepts](/dns/concepts/).
 
-In the most common setup (full), you [add your domain](/fundamentals/setup/manage-domains/add-site/), import your [DNS records](/dns/manage-dns-records/), and [update your nameservers](/dns/nameservers/update-nameservers/) to make Cloudflare your primary authoritative DNS provider. Once the setup is completed:
+In the most common setup (full), you [add your domain](/fundamentals/setup/manage-domains/add-site/), import your [DNS records](/dns/manage-dns-records/), and [update your nameservers](/dns/nameservers/update-nameservers/) to make Cloudflare your primary authoritative DNS provider.
+
+:::note
+Make sure to [review your DNS records](/dns/zone-setups/full-setup/setup/#review-dns-records) before updating your nameservers. If you activate your domain on Cloudflare *without* setting up the correct DNS records, your domain may not be reachable.
+:::
+
+Once the setup is completed:
 
 - You [manage DNS records](/dns/manage-dns-records/how-to/create-dns-records/) through the Cloudflare dashboard or API. This is how you control which resources are available on the apex domain (`example.com`) or specific subdomains (`blog.example.com`) of your website, as well as control other configurations.
 

src/content/docs/dns/manage-dns-records/how-to/batch-record-changes.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Batch record changes
 sidebar:
-  order: 7
+  order: 10
 ---
 
 import { GlossaryTooltip, Example, Render } from "~/components";

src/content/docs/dns/manage-dns-records/how-to/create-dns-records.mdx

@@ -2,25 +2,17 @@
 pcx_content_type: how-to
 title: Manage DNS records
 sidebar:
-  order: 1
+  order: 2
 ---
 
 import { GlossaryTooltip, Render, TabItem, Tabs, Details } from "~/components";
 
-<Render file="dns-scan-intro" />
+Consider the sections below for step-by-step instructions on managing DNS records at Cloudflare.
 
-<Details header="When the quick scan is not automatically invoked">
-<Render file="dns-scan-note" />
-</ Details>
-
-<Render file="dns-scan-procedure" />
-
-If you want more control over which DNS records are imported and how, [import a zone file](/dns/manage-dns-records/how-to/import-and-export/#import-records).
+To better understand what DNS records are, refer to [Overview](/dns/manage-dns-records/). For context around common records you want to review when getting started at Cloudflare, refer to [review DNS records](/dns/zone-setups/full-setup/setup/#review-dns-records).
 
 :::note
-
 If your domain is added to Cloudflare by a hosting partner, manage your DNS records via the hosting partner.
-
 :::
 
 ## Create DNS records

src/content/docs/dns/manage-dns-records/how-to/create-subdomain.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: reference
 title: Create subdomain records
 sidebar:
-  order: 3
+  order: 4
 
 ---
 
@@ -16,6 +16,10 @@ For more guidance on redirecting a subdomain — either to your main domain or a
 
 ## SSL/TLS for subdomains
 
+While DNS is what communicates where your website or application can be reached, SSL/TLS is what enables websites and applications to establish connections in a secure way.
+
+If your subdomains are not correctly covered by an SSL/TLS certificate, your visitors will find a warning on their browser stating that your website or application is not secure.
+
 <Render file="ssltls-subdomains" product="dns" />
 
 ## Customize subdomain behavior

src/content/docs/dns/manage-dns-records/how-to/create-zone-apex.mdx

@@ -2,15 +2,19 @@
 pcx_content_type: reference
 title: Create zone apex record
 sidebar:
-  order: 2
+  order: 3
 
 ---
 
 import { Example, Render } from "~/components"
 
-When you add a domain to Cloudflare, you may also need to create a DNS record on your zone apex (`example.com`).
+When you add a domain to Cloudflare, you may also need to create or review the DNS record on your zone apex. Zone apex refers to the domain (`example.com`) or subdomain (`blog.example.com`) that you are [adding to Cloudflare](/dns/concepts/#zone).
 
-To do this, create an [IP address resolution record](/dns/manage-dns-records/reference/dns-record-types/#ip-address-resolution) (`A`, `AAAA`, or `CNAME`) using `@` for the **Name**, as in the following example.
+Usually, the zone apex record makes your domain accessible by visitors. In this case, the necessary record type ([A, AAAA, or CNAME](/dns/manage-dns-records/reference/dns-record-types/#ip-address-resolution)) and its content will depend on the provider that [hosts](/fundamentals/setup/manage-domains/#host-your-domain) your website or application. If you are using Cloudflare Pages, refer to [Custom domains](/pages/configuration/custom-domains/). If you are using other providers, look for their guidance on how to connect domains managed on external DNS services.
+
+## Zone apex record
+
+To create a zone apex record, use `@` for the record **Name**, as in the following example.
 
 <Example>
 
@@ -33,4 +37,8 @@ For more guidance, refer to [Redirect domain to subdomain](/fundamentals/setup/m
 
 ## Get free SSL certificates
 
+While DNS is what communicates where your website or application can be reached, SSL/TLS is what enables websites and applications to establish connections in a secure way.
+
+If your domain is not correctly covered by an SSL/TLS certificate, your visitors will find a warning on their browser stating that your website or application is not secure.
+
 Cloudflare offers free, unshared, publicy trusted [Universal SSL certificates](/ssl/edge-certificates/universal-ssl/) to all Cloudflare domains.

src/content/docs/dns/manage-dns-records/how-to/email-records.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Set up email records
 sidebar:
-  order: 4
+  order: 7
 
 ---
 
@@ -14,6 +14,8 @@ There are three reasons to set up email records for your domain:
 * To make sure your domain can [send and receive email](#send-and-receive-email).
 * To prevent other email senders from [spoofing your domain](#prevent-domain-spoofing).
 
+The exact values for your DNS mail records depend on your email provider. If you have issues, review the [Troubleshooting](/dns/troubleshooting/email-issues/) and contact your email service provider to confirm your DNS records are correct.
+
 ***
 
 <Render file="add-mx-records" product="dns" />

src/content/docs/dns/manage-dns-records/how-to/import-and-export.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: how-to
 title: Import and export records
 sidebar:
-  order: 6
+  order: 9
 ---
 
 import { Render, TabItem, Tabs } from "~/components";

src/content/docs/dns/manage-dns-records/how-to/managing-dynamic-ip-addresses.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: reference
 title: Dynamically update DNS records
 sidebar:
-  order: 9
+  order: 13
 
 ---
 

src/content/docs/dns/manage-dns-records/how-to/round-robin-dns.mdx

@@ -2,7 +2,7 @@
 pcx_content_type: reference
 title: Round-robin DNS
 sidebar:
-  order: 10
+  order: 18
 
 ---
 

src/content/docs/dns/manage-dns-records/how-to/subdomains-outside-cloudflare.mdx

@@ -2,6 +2,8 @@
 pcx_content_type: how-to
 source: https://support.cloudflare.com/hc/en-us/articles/360021357131-Delegating-Subdomains-Outside-of-Cloudflare
 title: Delegate subdomains
+sidebar:
+  order: 20
 
 ---
 

src/content/docs/dns/manage-dns-records/index.mdx

@@ -10,11 +10,11 @@ import { DirectoryListing, FeatureTable, GlossaryTooltip, Details, Example } fro
 
 DNS records contain information about your domain and are used to make your website or application available to visitors and other web services.
 
-Depending on the providers you used to [get your domain name](/fundamentals/setup/manage-domains/#get-a-domain-name) and [host your website or application](/fundamentals/setup/manage-domains/#host-your-domain), it is expected that DNS records were automatically created on your behalf. According to your [setup](/dns/get-started/), you can use Cloudflare to manage your DNS records.
+Each DNS record belongs to a different type, and each type serves a different purpose. For background about the different types of DNS records, refer to the [Learning Center](https://www.cloudflare.com/learning/dns/dns-records/). To quickly find reference information about a specific type, refer to [DNS record types](/dns/manage-dns-records/reference/dns-record-types/).
 
-## DNS records table
+Depending on the providers you used to [get your domain name](/fundamentals/setup/manage-domains/#get-a-domain-name) and [host your website or application](/fundamentals/setup/manage-domains/#host-your-domain), it is expected that DNS records were automatically created on your behalf. According to your [setup](/dns/zone-setups/), you can use Cloudflare to manage your DNS records.
 
-DNS records have different types and each type serves a different purpose. For background about the different types of DNS records, refer to the [Learning Center](https://www.cloudflare.com/learning/dns/dns-records/). To quickly find reference information about a specific type refer to [DNS record types](/dns/manage-dns-records/reference/dns-record-types/).
+## DNS records table
 
 When managing your records at Cloudflare, besides the common record fields described below, you may also find an option for [Proxy status](/dns/manage-dns-records/reference/proxied-dns-records/) and [CNAME flattening](/dns/cname-flattening/). These are specific features offered by Cloudflare.
 

src/content/docs/ssl/edge-certificates/index.mdx

@@ -14,6 +14,8 @@ import { GlossaryTooltip } from "~/components"
 
 Consider the information below for guidance on how to choose different edge certificates for common use cases, or refer to the other pages in this section for more options.
 
+If you are not familiar with what SSL/TLS certificates are, refer to [Concepts](/ssl/concepts/).
+
 ## Use cases
 
 ### Simplify issuance and renewal

src/content/partials/dns/create-subdomain-record.mdx

@@ -7,6 +7,8 @@ import { Example, Render } from "~/components";
 
 Most subdomains serve a specific purpose within the overall context of your website. For example, `blog.example.com` might be your blog, `support.example.com` could be your customer help portal, and `store.example.com` would be your e-commerce site.
 
+Even if you do not require specific subdomains, you might want to set up at least the `www` subdomain. It will usually point to the same content as what you have on the apex domain (`example.com`) or use a [redirect](/fundamentals/setup/manage-domains/manage-subdomains/#redirect-a-subdomain-to-the-apex-domain). Having a DNS record on the `www` subdomain helps guarantee that a visitor who types `www.` in front of your domain address on their browser can still find your website or application.
+
 ## Subdomain records
 
 To create a new subdomain, you would first add the subdomain content at your [host](/fundamentals/setup/manage-domains/#host-your-domain).

src/content/partials/dns/dns-scan-procedure.mdx

@@ -3,8 +3,43 @@
 
 ---
 
-Since this scan is not guaranteed to find all existing DNS records, you need to review your records, paying special attention to the following record types:
+import { Details } from "~/components"
+
+Since the quick scan is not guaranteed to find all existing DNS records, you need to review your records, paying special attention to the following:
 
 * [Zone apex records (`example.com`)](/dns/manage-dns-records/how-to/create-zone-apex/)
+
+	<Details header="More about zone apex records">
+  Zone apex refers to the domain or subdomain that you are [adding to Cloudflare](/dns/concepts/#zone).
+
+	Usually, the zone apex record makes your domain accessible by visitors. In this case, the necessary record type ([A, AAAA, or CNAME](/dns/manage-dns-records/reference/dns-record-types/#ip-address-resolution)) and its content will depend on the provider that [hosts](/fundamentals/setup/manage-domains/#host-your-domain) your website or application.
+
+  If you are using Cloudflare Pages, refer to [Custom domains](/pages/configuration/custom-domains/).
+
+  If you are using other providers, look for their guidance on how to connect domains managed on external DNS services. Then, make sure you have the records required by your hosting provider on your [DNS records table](/dns/manage-dns-records/#dns-records-table) at Cloudflare.
+  </Details>
+
 * [Subdomain records (`www.example.com` or `blog.example.com`)](/dns/manage-dns-records/how-to/create-subdomain/)
+
+  <Details header="More about subdomain records">
+  Most subdomains serve a specific purpose within the overall context of your website. For example, `blog.example.com` might be your blog, `support.example.com` could be your customer help portal, and `store.example.com` would be your e-commerce site.
+
+  Even if you do not require specific subdomains, you might want to set up at least the `www` subdomain. It will usually point to the same content as what you have on the apex domain (`example.com`) or use a [redirect](/fundamentals/setup/manage-domains/manage-subdomains/#redirect-a-subdomain-to-the-apex-domain). Having a DNS record on the `www` subdomain helps guarantee that a visitor who types `www.` in front of your domain address on their browser can still find your website or application.
+  </Details>
+
 * [Email records](/dns/manage-dns-records/how-to/email-records/)
+
+  <Details header="More about email records">
+  Depending on your business needs, you can configure DNS records so that you can use your domain to receive emails, receive and send emails from your domain, or prevent others from sending emails on your behalf (spoofing).
+
+	Below are some examples of what those DNS records might look like. The exact values for your DNS mail records depend on your email provider. If you have issues, review the [Troubleshooting](/dns/troubleshooting/email-issues/) and contact your email service provider to confirm your DNS records are correct.
+
+  | Type | Name    | Content      | Proxy status | TTL    |
+  | ---- | ------- | ------------ | ------------ | ------ |
+  | A    | `mail`  | `192.0.2.1`  | DNS Only      | Auto   |
+  | MX    | `example.com`  | `john.mx.example-server.test`  | DNS Only      | Auto   |
+	| TXT    | `_dmarc`  | `"v=DMARC1; p=reject; sp=...`  | DNS Only      | Auto   |
+  | TXT    | `*._domainkey`  | `"v=DKIM1; p="`  | DNS Only      | Auto   |
+  | TXT    | `example.com`  | `"v=spf1 -all"`  | DNS Only      | Auto   |
+
+  </Details>