Watch the live training this came from
This article is drawn from Shanee Moret's Day 2 live training on Codex, websites, agent-ready infrastructure, and real business-owner implementation.
Watch the replay →If you have been following along with this series, you already know why Codex recommended GitHub and Cloudflare. The short version: platforms like Kajabi force your agent to click around in a browser to make changes — slow, unreliable, and a drain on what the agent can actually do. GitHub and Cloudflare give Codex full API token access. Changes deploy from a prompt. No portal to fight.
Now comes the part most business owners skip because it looks technical: actually creating the accounts and connecting them. This post is the step-by-step. You do not need a developer. You do not need to understand how GitHub works on the inside. You need two free accounts and about 20 minutes.
For the complete framework on why infrastructure matters, read the full guide.
Why This Step Exists at All
Most business owners hit the recommendation — "move to GitHub and Cloudflare" — and either hand it to their IT person or quietly abandon it. Both responses delay the payoff by weeks.
The reason this step feels harder than it is comes down to naming. GitHub sounds like a tool for software engineers. Cloudflare sounds like a networking concept. Neither one is intuitive to someone whose background is in consulting, coaching, or services.
Here is the reframe that helps: GitHub is organized storage for your website's code, with version history. Every change your agent makes gets a commit number. If something goes wrong, you revert it. If you are running multiple agents, you can see which one made which change. Think of it as Notion for your agent — structured, traceable, controlled.
Cloudflare is the publishing and hosting layer. It takes what is in GitHub and puts it on the internet, under your domain, with security built in. It also gives you development links — shareable URLs you can send to a team member before anything goes live publicly.
One handles storage. One handles publishing. Together, they give your agent 100% access instead of asking it to navigate a portal.
Watch me explain this live — including the moment a live audience member discovered their site was actively blocking AI crawlers, which they did not know.
The Setup: What You Are Actually Creating
Before the steps, here is what you are building:
| Component | What It Does | Cost | Why It Matters for Codex |
|---|---|---|---|
| GitHub account | Stores your website code, version history, change tracking | Free | Gives Codex a place to write and track changes |
| Cloudflare account | Hosts your domain, publishes your site, security layer | Free to start; $5/month for full app | Gives Codex a way to deploy changes instantly |
| GitHub personal access token | Authenticates Codex to make changes on your behalf | Free | Required for Codex to have API access — not just browser access |
| Cloudflare API token | Same function for the Cloudflare side | Free | Required for instant deploys from a prompt |
The entire stack starts at zero cost. The $5 Cloudflare paid plan only becomes relevant if you are building a full application with security features for 10 or more users.
Step 1: Create Your Cloudflare Account
Go to cloudflare.com. Click sign up. Log in via Google — it is the fastest path and avoids a separate password to manage.
When Cloudflare walks you through onboarding steps after sign-up, skip them. You do not need to configure anything manually. Codex will handle the configuration once connected. The goal at this stage is simply an active account.
Once you have the account, do not add your domain yet. Wait until Codex is connected and can guide the domain setup. Doing it manually first often creates conflicts that take time to untangle.
Then go into Codex, open Plugins, and connect your Cloudflare account. The plugin handles the authentication handshake. You do not need to generate tokens manually for this side — Codex walks you through it.
Step 2: Create Your GitHub Account
Go to github.com. Sign up free. Again, Google login works and saves friction.
Once you are in, you need to generate a personal access token. This is the credential that allows Codex to make changes to your GitHub repositories on your behalf without going through a browser interface.
Here is where most business owners get stuck: the GitHub token interface is buried under settings menus designed for developers. The path is: Settings → Developer Settings → Personal Access Tokens → Tokens (Classic) → Generate New Token.
You will be asked to select permission scopes. If you are not sure which ones to select, do not guess.
Instead, use this approach, which was demonstrated live during the session: tell Codex, "Help me get the token you need. I have GitHub open in my browser." Codex will navigate Chrome autonomously, go to the right settings page, select the correct permission scopes, generate the token, and retrieve it for you. You watch it happen. You do not make any decisions about scope.
This is not a workaround. It is the intended workflow for business owners connecting for the first time. The agent knows what permissions it needs. Let it configure its own access.
Step 3: Common Mistakes at This Stage
Business owners who have done this before me report a short list of recurring errors. All of them are fixable, and all of them are avoidable.
Mistake 1: Generating the token manually and selecting the wrong scopes. GitHub tokens have granular permissions. Selecting too few means Codex cannot do certain tasks. Selecting all means you have given broader access than necessary. Let Codex select the scopes by navigating autonomously — it selects exactly what it needs.
Mistake 2: Adding your domain to Cloudflare before Codex is connected. The domain setup involves nameserver changes at your domain registrar. If you do this before Codex has context on your existing site, you may interrupt live traffic without a recovery plan in place. Connect Codex first. Let it audit your existing setup. Then migrate with its guidance.
Mistake 3: Treating the dev link as a test environment and never going live. Cloudflare gives you shareable development links while you are building — URLs you can send to team members to review work in progress without touching your live site. These are genuinely useful. But some business owners get comfortable in the dev environment and stall before publishing. The dev link is for review, not permanent residence.
Mistake 4: Disconnecting and reconnecting accounts when something does not look right. If Codex is not behaving as expected after connection, the first instinct is often to revoke tokens and start over. This usually makes things worse. Instead: ask Codex directly what it needs. Its error messages and clarifying questions are diagnostic — they tell you what is missing from the environment.
Step 4: Using Dev Links to Share Work in Progress
Once your Cloudflare account is connected, every build Codex does generates a shareable development link. This is a live, accessible URL — not a screenshot, not a PDF mockup — that shows exactly what the site will look like when published.
The practical use case: your business partner, VA, or client can review a website change before it goes live, from any device, without logging into anything. You send a link. They look at it. They give feedback. Codex implements the revision. You share a new link.
This replaces the workflow most business owners currently use — screenshots, screenshares, or live edits with someone watching — with an asynchronous review loop that does not require anyone to be in the same time zone or on the same call.
For teams in the process of building out internal tools or client-facing sites, this capability alone is worth the setup investment.
After the Accounts Are Connected
Once both accounts are live and connected, Codex has what it needs to begin. The first prompt I recommend is not a design change or a content update. It is an audit:
"I have connected my GitHub and Cloudflare accounts. I have a website at [URL]. Review what you have access to and tell me what you can see, what you cannot see, and what you recommend as the first action."
Codex will confirm what it can access, flag any gaps, and recommend a starting point based on your actual site — not a generic template. The audit is how you find out whether the connections are complete before you invest time in a larger task.
From there, every website change — design updates, blog posts, backend settings, security audits — happens through a prompt. You do not log into a portal. You do not navigate a menu system. You describe what you want. The agent builds it, commits the change to GitHub with a traceable record, and Cloudflare publishes it.
That is the infrastructure you are building toward. The accounts are the first step.
Learn how Codex decides which platform is right for your existing site — including the exception case where staying on WordPress was the right call.
The platform you own grows with you. The platform you lease constrains you on its roadmap.
Infrastructure is not a technical decision. It is a business one.
p.s. If you run into friction during the token setup, do not skip it and do not guess your way through the permission scopes. Tell Codex you have GitHub open in your browser and let it navigate. That is what the autonomous browsing capability is for.
This is Part 19 of a 43-part series. Start from the beginning.
This article will be promoted via LinkedIn post.
Use the skills behind this system
The Growth Academy Skills Dashboard includes 100+ Codex skills and prompts for SMB owners, including website audits, GitHub and Cloudflare setup, permissions, business intelligence, sales, and operations workflows.
See the Skills Dashboard →