Contents
- 1 What is Cloudflare?
- 2 Why Choose Cloudflare?
- 3 Setting Up Cloudflare CDN
- 3.1 Sign up to Cloudflare
- 3.2 Setting Up Cloudflare CDN: Add Your Site
- 3.3 Setting Up Cloudflare CDN: Quick Start Guide
- 3.4 Setting Up Cloudflare CDN: Accessing Site Settings
- 3.5 Setting Up Cloudflare CDN: DNS Settings
- 3.6 SSL/TLS: Overview
- 3.7 SSL/TLS: Edge Certificates
- 3.8 Security: WAF (Web Application Firewall)
- 3.9 Security: Bots
- 3.10 Speed: Observatory
- 3.11 Setting Up Cloudflare CDN: How to Disable Real User Measurement
- 3.12 Speed: Optimization
- 3.13 Caching: Configuration
- 3.14 Caching: Tiered Cache
- 3.15 Rules: Page Rules
- 3.16 Setting Up Cloudflare CDN: More Rules Ideas
- 3.17 Network
- 4 Cloudflare Usage and Tools
- 5 Setting Up Cloudflare CDN: Plugins for WordPress
- 6 Setting Up Cloudflare CDN: Getting the API Key
What is Cloudflare?
Cloudflare is a service provider that offers a variety of tools designed to optimize your website’s performance and safeguard it from potential threats. One of its primary services is the Content Delivery Network (CDN), a globally spread network of servers. When setting up Cloudflare CDN, your website’s content is cached and stored across these servers. When someone enters your site, the CDN delivers the content from the nearest server, significantly reducing the site’s load time.
The current article is "4.15. Set Cloudflare CDN" of our Complete SEO Guide Box.
Previous Article: 4.14. Tie Domain & Hosting. Next Article: 4.16. Email+Custom Domain
The Importance of Setting Up Cloudflare CDN
The speed at which your website loads is crucial. Faster load times can improve user engagement, positively impacting your SEO rankings.
Cloudflare’s Security Features
In addition to improving website speed, Cloudflare also provides robust security features. These include protection from DDoS attacks, which aim to overwhelm a website with traffic to take it offline. By setting up Cloudflare CDN, you’re also availing of their security infrastructure, which can absorb and mitigate these attacks, ensuring your website remains accessible.
Cloudflare’s DNS Services
Cloudflare operates one of the world’s largest DNS networks and offers a DNS Hosting system. The DNS, or Domain Name System, is akin to the internet’s phone book – it translates human-friendly domain names into computer-friendly IP addresses. This service ensures that users can always reach your website, improving its reliability.
Web Optimization and Edge Computing
Cloudflare offers features to optimize website performance, such as automatic image optimization and mobile optimization. Additionally, with Cloudflare Workers, you can run your code closer to your users, improving the speed and performance of your applications.
Why Choose Cloudflare?
Setting up Cloudflare CDN is a decision that can bring numerous benefits. It can enhance your website’s speed, security, and reliability. As your website grows, Cloudflare can easily handle increased traffic and demand. It’s also user-friendly and cost-efficient, with many services available for free and paid plans offering substantial value.
Setting Up Cloudflare CDN
As most web hosting providers do, We strongly recommend setting up Cloudflare CDN through the traditional DNS method, not the API. The hosting providers use Cloudflare CDN through API within some packages they advertise. The API didn’t provide full-service functionality in the past, and numerous errors could pop up. It seems easier to set up through a hosting provider but is less operable. This guide will use the traditional setup through Cloudflare’s DNS system.
Also, this method uses the Cloudflare DNS hosting service, which currently is one of the fastest, according to the DNS Performance Analysis website.
Sign up to Cloudflare
Navigate to the Cloudflare website.
In the top right corner, click “Sign Up”.
On the “Get started with Cloudflare” page, fill in the email we registered for our site and create a password.
Click [Sign Up].
Setting Up Cloudflare CDN: Add Your Site
Click [(+) Add Site] on the topmost menu panel.
On the “Accelerate and protect your site with Cloudflare” page, enter your naked domain like so:
yoursite.com
Click [Add site].
On the next page, you need to choose your plan. Of course, the Pro plan is much more capable regarding caching and security, but we will start with the Free plan. You can always upgrade. Also, you will see a link to plan comparisons at the bottom of the page.
Choose the [Free]; it is right under the main plans.
Click [Continue].
Cloudflare will scan your current DNS hosting provider for DNS Records.
After that, you can click on [Continue].
At the next step, Cloudflare wants you to set up their nameservers in your Domain Registrar so your domain will point to Cloudflare servers.
Leave this page open.
Now, we will change the DNS settings of our Domain Name to use Cloudflare’s Nameservers instead of a Hosting server IP. Suppose you’re not using NameSilo as your Domain Registrar. In that case, you can skip the next section but must change the nameservers yourself.
Navigate to the NameSilo website and log in to your account.
On the top menu bar, find the “My Account” button. Click it.
On the left menu bar, click [Domain Manager].
Click on your domain.
Find the “NameServers” section and click [Change].
Remove all the current Nameservers and paste the Nameservers from the Cloudflare page. Usually, Cloudflare gives you two Nameservers, and you need to paste both.
Click [Submit].
At this stage, any DNS Records configured manually for your Domain Name aren’t operable since you changed the default NameSilo nameservers to Cloudflare’s.
Return to the Cloudflare page.
Click [Done, check nameservers].
Find the “Finish later” button on the quick start guide page. Click it.
On the “Overview,” click [Check nameservers].
Now, we’ll wait until the propagation is completed. In the meantime, you can check propagation with propagation test tools.
You can refresh the page from time to time. When propagation completes, you will see a message:
Great news! Cloudflare is now protecting your site. Data about your site’s usage will be here once available.
Setting Up Cloudflare CDN: Quick Start Guide
On the “Overview” page, click on [Review settings] under “Quick Start Guide.”
On the “Quick Start Guide” page, click [Get started].
Automatic HTTPS Rewrites: On
Click [Save].
Always Use HTTPS: On
You want all your regular HTTP to be redirected to HTTPS for the user’s security.
Click [Save].
Brotli: On
Click [Save].
Click [Finish].
If you’re not using a paid plan, you can close the message about using “Argo Smart Routing.”
Setting Up Cloudflare CDN: Accessing Site Settings
Navigate to the Cloudflare homepage and log in.
On the left menu tab, click [Websites].
On the “Websites” page, click on your site domain.
Now, the left menu panel will change to your site settings for Cloudflare.
Setting Up Cloudflare CDN: DNS Settings
On the left menu, click [DNS].
Under [DNS], click on [Records].
These DNS Records connect your domain name on NameSilo (or any other Domain registrar you chose) to the hosting provider and other services.
Right now, you should have two Type “A” records.
Type A, with “Name” of your naked domain name, “Content” of your hosting provider IPv4, and “TTL” set to “Auto”.
Type A, with “Name” of “www,” “Content” of your hosting provider IPv4, and “TTL” set to “Auto.”
The “www” record is your “www.yourdomain.com” redirecting to your hosting provider’s IPv4 address.
“Proxy status” of “Proxied,” meaning that the connection is going through Cloudflare servers.
You should see alerts on the top of the page if you need to add more records to finish your setup. You should now see a message stating that you must add security records related to the email system. We’ll add them when we get to the Zoho email hosting provider registration article.
SSL/TLS: Overview
On the left menu panel, click on [SSL/TLS], and you will navigate to the [Overview] page.
Select the “(*) Full” method.
If you don’t see the full method, select the “(*) Full (strict)” method, then navigate to [Edge Certificates], then back to [Overview] and select “(*) Full.”
You may select the “Full (strict)” if it suits you more. Read the manual for details.
SSL/TLS: Edge Certificates
On the left menu bar, under [SSL/TLS], click on [Edge Certificates].
In the first section of “Edge Certificates,” you will see a free Universal shared TLS certificate.
Always Use HTTPS: On
This already should be enabled since we did it in the First Time Setup.
HTTP Strict Transport Security (HSTS).
HSTS is a great security feature. Read the “Help” before enabling it. But in summary, if you want to disable HTTPS in your domain, you need first to disable HSTS, wait the amount of time you set for it to expire, and only then disable HTTPS. In today’s digital world, you will not disable HTTPS.
Click [Enable HSTS].
Please read through the message and mark the check box: [V] I understand.
Click [Next].
Settings:
Enable HSTS (Strict-Transport-Security): On
Max Age Header (max-age): [1 month]
Note: If you need to turn off the policy, it will take only a month for users who visited your site in HTTPS to revisit it in HTTP.
Apply HSTS policy to subdomains: On
Preload: On
No-Sniff Header: On
Click [Save].
Automatic HTTPS Rewrites: On
If your website employs HTTPS, yet the green padlock isn’t visible in web browsers, it’s likely due to mixed content issues. This can be rectified by instructing resources to utilize HTTPS.
Certificate Transparency Monitoring: On
This feature will send you an email if any attacker will issue a certificate for your domain.
Security: WAF (Web Application Firewall)
On the left menu bar, under [Security], click on [WAF].
WAF stands for Web Application Firewall, which will protect our application. In our case, it is WordPress.
You will see another menu bar on the top of the “WAF” page.
Now, you should be on the [Custom rules] tab.
The Cloudflare’s Free plan allows you to create 5 rules.
Now, we will create 5 manual rules to protect our application.
Rule 1.
Only you, or any contributing users (with access to “wp-admin”), should be granted access to your wp-admin directory. You can restrict access based on IP, IP range, or Country. Your IP address is allowed in the [Tools] section. The “wp-login.php” file is located in the root directory of your WordPress installation, not in the “wp-admin” directory. Hence, it should have its own specific rule.
Click [ + Create rule].
Rule name: Block wp-login_php Attacks
Field: [URI Path]
Operator: [contains]
Value: /wp-login.php
Note: The “Expression preview” should look like this: (http.request.uri.path contains “/wp-login.php”)
Choose action: [Block]
Click [Deploy].
You will see that the rule is deployed.
We need to configure who can access the “wp-login.php” file.
On the top menu bar, click [Tools].
The best way would be to add only your IP address.
The problem is when you don’t have a static IP or log in from different addresses, like work or coffee bar. You must add it in the tools section whenever you want to connect from a different IP address. If you log in only from your home and each time you reconnect, the ISP assigns a different IP address. You can add its ASN (pool of IP addresses that the ISP can assign). If it’s inconvenient for you, you can add only your Country to an allowlist. The problem is that when the list of allowed IP addresses gets larger, so is the potential attacking vector. But this is something you should decide. We will go over all the methods.
Allowing one IPv4 address.
Open a new window in your browser for Google and search for the term “What is My IP.”
Google will give your external IPv4 address; if not, you can use any of the services it finds.
We will use the example of “94.94.94.94”.
Go back to the [Tools] tab in the Cloudflare window.
Click on the textbox under “IP, IP range, Country name, or ASN,” and write your IP “94.94.94.94.” a dropdown menu will show with this IPv4 address. Click the IPv4 address to select it.
In the “Action” click [Allow].
Click [Add].
Allowing ASN.
We will take the IPv4 address from the “Allowing one IPv4 address” section “94.94.94.94”.
Navigate to WHOIS checking tools and use DomainTools.
Input your IP in the text box and execute the search.
On the results page, you should see a row with ASN. Example:
ASN: AS12345 <BLABLA> <ISP COMPANY NAME>
“AS12345” is the name of the ASN of your ISP.
Go back to the [Tools] tab in the Cloudflare window.
Click on the textbox under “IP, IP range, Country name, or ASN,” and write the ASN “AS12345.” A dropdown menu will show with this ASN. Click the ASN to select it.
In the “Action” click [Allow].
Click [Add].
Allowing a Country.
“Allowing a Country” is the easiest method.
Go to the [Tools] tab in the Cloudflare window.
Click on the textbox under “IP, IP range, Country name, or ASN” and select your Country from the dropdown menu.
In the “Action” click [Allow].
Click [Add].
At this point, you can get to your “wp-admin” page from your device.
Click the [Custom rules] tab to continue adding rules.
Rule 2.
Let’s proceed to set up Cloudflare CDN so your WordPress admin area is accessible solely by you. This process is a bit complex, requiring two exceptions to the rule. As in the previous rule, the behavior is allow-listed in the [Tools] tab using your IP address / ASN / Country.
The first exception is “/wp-admin/admin-ajax.php.” This is utilized by specific plugins to present dynamic content on your site.
The second exception is “/wp-admin/theme-editor.php.” This is responsible for conducting an error verification each time you modify your theme via WordPress’s built-in editor. If this exception isn’t included, the verification will consistently fail, and your changes will not be preserved.
Click [ + Create rule].
Rule name: Protect the wp-admin Area
Field: URI Path
Operator: contains
Value: /wp-admin/
Click [And]
Field: URI Path
Operator: does not contain
Value: /wp-admin/admin-ajax.php
Click [And]
Field: URI Path
Operator: does not contain
Value: /wp-admin/theme-editor.php
Express Preview: (http.request.uri.path contains “/wp-admin/” and not http.request.uri.path contains “/wp-admin/admin-ajax.php” and not http.request.uri.path contains “/wp-admin/theme-editor.php”)
Choose action: [Block]
Click [Deploy].
Rule 3.
The “xmlrpc.php” file ranks as one of the most frequent attack targets. XML-RPC can be a security risk while having valid applications like blogging via a mobile device or simultaneously uploading content to various WordPress sites. If its functionality isn’t required for your operations, it’s advisable to block it to enhance safety.
Click [ + Create rule].
Rule name: Block xmlrpc_php Attacks
Field: [URI Path]
Operator: [contains]
Value: /xmlrpc.php
Expression Preview: (http.request.uri.path contains “/xmlrpc.php”)
Choose action: [Block]
Click [Deploy].
Rule 4.
Many WordPress websites fall victim to hacking due to the vulnerabilities present in plugins. An effective measure is establishing a firewall rule preventing direct access to the “/wp-content/plugins/” directory. Genuine requests typically routed through your website will contain an HTTP referer similar to “http://yourdomain.com/post_or_page” and will be permitted automatically. Additionally, providing access to Google’s crawler might be beneficial, as it may attempt to index elements within your plugins folder. So, we’ll be setting up a rule for Cloudflare CDN.
Click [ + Create rule].
Rule name: Block No-Referer Requests to Plugins
Field: URI Path
Operator: contains
Value: /wp-content/plugins/
Click [And]
Field: Referer
Operator: does not contain
Value: yourdomain.com (replace with your actual domain)
Click [And]
Field: User Agent
Operator: does not contain
Value: Googlebot
Express Preview: (http.request.uri.path contains “/wp-content/plugins/” and not http.referer contains “yourdomain.com” and not http.user_agent contains “Googlebot”)
Choose action: [Block]
Click [Deploy].
Rule 5.
This rule will primarily serve to block bots that are targeting the “wp-comments-post.php” file. The advice comes from WordPress Codex.
Click [ + Create rule].
Rule name: Blocking Direct Requests to wp-comments-post_php
Field: URI Path
Operator: contains
Value: /wp-comments-post.php
Click [And]
Field: Referer
Operator: does not contain
Value: yourdomain.com (replace with your actual domain)
Click [And]
Field: Request Method
Operator: equals
Value: [POST]
Express Preview: (http.request.uri.path contains “/wp-comments-post.php” and http.referer eq “yourdomain.com” and http.request.method eq “POST”)
Choose action: [Block]
Click [Deploy].
Overview
These five rules should cover most bot activity on your site. If you need help with more rules or adjusting the current, refer to the Cloudflare Firewall Help section.
Security: Bots
While setting up Cloudflare CDN, you can configure to Bot Fighting Mode.
On the left menu bar, under [Security], click on [Bots].
Bot Fight Mode: Off
The idea behind this feature is good, but the implementation lowers optimization.
It adds two more HTTP requests to your site:
yourdomain.com/cdn-cgi/bm/cv/####/api.js
POST yourdomain.com/cdn-cgi/bm/cv/result?req_id=####
Speed: Observatory
On the left side menu, click on [Speed]. It will navigate you to [Observatory].
On the top, you will see two tabs: the current tab, where you can test your site for speed, and the second tab, RUM or [Real User Measurement]. This feature shows you the real speed measures of users hitting your website worldwide. There are two problems. It needs to measure the user’s speed, which can take several seconds, and it adds several requests to your site:
https://static.Cloudflareinsights.com/beacon.min.js/###########################
https://www.yourdomain.com/cdn-cgi/rum?
We strongly recommend not to enable the Real User Measurement feature.
Setting Up Cloudflare CDN: How to Disable Real User Measurement
If you enabled the feature for some reason, you can’t deactivate it the same way.
Navigate to the Cloudflare homepage and log in to your account.
On the left menu bar, click on [Analytics & Logs], then under that menu, you will see another; click on [Web Analytics].
On the “Web Analytics” page, you will see the “Manage site” link inside a box with “yourdomain.com”. Click it.
On the “Manage site” page, click [Delete].
Now, we’ll return to site settings.
On the left menu tab, click [Websites].
On the “Websites” page, click on your site domain.
Speed: Optimization
On the left side menu, click on [Speed]. It will navigate you to [Optimization].
On the top, you will see several tabs. Click on [Content Optimization].
Rocket Loader: Off
By default, this feature is “Off”; you don’t need to enable this.
It can add several seconds to your site load time. It also adds another JS script request to load:
yourdomain.com/cdn-cgi/scripts/###/Cloudflare-static/rocket-loader.min.js
AutoMinify.
You can leave all the features unselected. We will use the Clearfy Cache WordPress plugin when we set WordPress in the next chapter, which will do a much better job.
Caching: Configuration
While setting up Cloudflare CDN, you can configure the Caching feature.
On the left side menu, click on [Caching]. It will navigate you to [Overview]. Click on [Configuration] under [Caching].
Purge Cache.
You can click on [Purge Everything] here, and it will clear all the CDN cache and pull new content from your site.
Caching Level: (*) Standard
You can leave it at “Standard” by default. You can read more about Caching Levels in Cloudflare Docs.
Caching: Tiered Cache
On the left side menu under [Caching], click on [Tiered Cache].
Tiered Cache Topology: (*) Smart Tiered Caching Topology
Rules: Page Rules
On the left side menu, click on [Rules], and it will navigate you to [Page Rules].
You can set rules only for three pages in a free account.
Here are some critical settings for page rules:
Edge Cache TTL: This determines the duration for which the content remains in the Cloudflare Edge CDN network before it requests an update from the source.
Security Level: This setting dictates the required threat score threshold that, if exceeded, triggers a challenge page for the client. The threat scores are calculated based on the Cloudflare IP reputation database.
Always Online: If your server goes offline, Cloudflare will provide a restricted version of the page or pages.
Disable Performance: This setting turns off features such as “Auto Minify,” “Rocket Loader,” “Mirage,” and “Polish.”
For a complete setting list, check the Cloudflare Page Rules Tutorial.
Note: Adding a wildcard symbol (“*”) before the domain will make sure that anything before your domain (like “www.” or “http://” or “https://”) will also follow the specific rule.
Rule 1.
The rule turns off caching, and CDN features on all the preview pages.
Click [Create Page Rule].
URL: *yourdomain.com/*preview=true*
Note: Here is the list of settings you must add. Select each time a setting in the “Pick a setting” dropdown, set its value, then click [+ Add a setting] until you fill in all the settings from the list. If you didn’t enable “Always Offline, ” you will not see this setting here.
Browser Integrity Check: On
Browser Cache TTL: 30 minutes
Always Online: Off
Security Level: High
Cache Level: Bypass
Disable Apps: Apps are disabled
Disable Performance: Performance is disabled
Click [Save and Deploy Page Rule]
Rule 2.
The rule turns off caching and CDN features on all the admin sections.
Click [Create Page Rule].
URL: *yourdomain.com/wp-admin*
Browser Integrity Check: On
Browser Cache TTL: 30 minutes
Always Online: Off
Security Level: High
Cache Level: Bypass
Disable Apps: Apps are disabled
Disable Performance: Performance is disabled
Click [Save and Deploy Page Rule]
Rule 3.
The rule is setting up Cloudflare CDN caching throughout the website and Email Obfuscation. It’s important to note that CDN caching isn’t automatically functional on all the objects or files; specific URLs must be designated in the Rules to operate effectively. Suppose your server sends a “Cache-Control” header with a value that allows caching. In that case, Cloudflare will cache the resource according to the specified duration. You want to override this behavior for all the files.
Email Obfuscation is ideally applied only to pages containing email addresses, such as the “Contacts” page. However, if multiple pages contain emails or the free tier of Cloudflare is being utilized, Email Obfuscation can be enabled for the entire site. Remember to clear the cache if an existing post is modified. Otherwise, the changes won’t be reflected for a month.
Click [Create Page Rule].
URL: *yourdomain.com/*
Browser Cache TTL: 4 hours
Cache Level: Cache Everything
Edge Cache TTL: a month
Email Obfuscation: On
Click [Save and Deploy Page Rule]
Cloudflare utilizes a distinct order priority for executing rules, ensuring that the first rule takes precedence. For optimal performance, arranging rules in a descending order of specificity is advised. This principle is evident in the above example, where the preview pages rule is executed first, followed by the admin section, and finally, the rule encompassing the entire site. To modify the rule execution order, users can simply drag and rearrange each rule using the “up arrow” and “down arrow” signs located on the left side of the rule. This feature provides flexibility and control over the execution sequence of rules within Cloudflare.
Setting Up Cloudflare CDN: More Rules Ideas
Here are some additional guidelines to keep in mind:
Avoid caching dynamic content – While most WordPress sites are static, there might be dynamic content that alters based on user interaction. This means you should bypass the cache for the URL from which you serve dynamic content, such as:
*yourdomain.com/ajax*
Cache Level: Bypass
Bypass Cache for eCommerce Cart, Checkout, and Account Pages.
*yourdomain.com/cart*
Cache Level: Bypass
*yourdomain.com/?=add-to-cart*
Cache Level: Bypass
*yourdomain.com/checkout*
Cache Level: Bypass
*yourdomain.com/account/*
Cache Level: Bypass
Exclude WooCommerce pages from cache – WooCommerce employs three sets of cookies that should be excluded from your cache: woocommerce_cart_hash, woocommerce_items_in_cart, and wp_woocommerce_session_.
*yourdomain.com/woocommerce_cart_hash
Cache Level: Bypass
*yourdomain.com/woocommerce_items_in_cart*
Cache Level: Bypass
*yourdomain.com/wp_woocommerce_session_*
Cache Level: Bypass
Prevent bots from spamming your email on the contact page. This is only necessary for pages that display your email. Of course, “/contact” should be the actual name of your Contact page.
*yourdomain.com/contact/
Email Obfuscation: On
URL Forwarding/Redirection
*yourdomain.com/page1
Forwarding URL: [Select Status Code] => 301 – Permanent Redirect
Enter Destination URL: *yourdomain.com/page2
Redirect requests for “xmlrpc.php” to the homepage to mitigate attacks.
*yourdomain.com/xmlrpc.php*
Forwarding URL: 301 – Permanent Redirect
https://www.yourdomain.com/
More Cloudflare examples of the Page Rules.
Network
On the left side menu panel, click [Network].
Maximum Upload Size: 100 MB
This is the default setting. Remember that if you let visitors upload files to your hosting, this will be the maximum size.
Cloudflare Usage and Tools
After setting up Cloudflare CDN, you can follow several sections in the menu to use tools provided by Cloudflare daily.
On the left side menu, click on [Overview].
In the middle of the page, you will see different analytics, when your site will start getting traffic.
A “Quick Actions” menu on the right pane includes several essential features.
You can “Purge Cache” right from here.
You can enable “Under Attack” mode, which will show a JavaScript challenge to all the users.
You can enable a “Development Mode” to check how your site works without Cloudflare CDN.
Also, you can see your current subscription plan type and other features.
On the left side menu, click on [Analytics & Logs].
Here, you will see all kinds of analytics. They’re not always precise, but they can give a statistical picture.
On the left side menu, click [Security]. It will navigate you to [Events].
These are all events that received a Block under the rules you set.
On the left side menu, click on [Speed]. It will navigate you to [Observatory].
You can test your site for speed several times a month for free, using different geographical locations and settings. When the test finishes, a report will be generated with improvement recommendations.
Setting Up Cloudflare CDN: Plugins for WordPress
When integrating Cloudflare with WordPress, you might wonder if a plugin is necessary. The short answer is that it’s not essential. This is because when you use Cloudflare, your website’s traffic is already being routed through its DNS, meaning all your traffic is passing through Cloudflare, and your files are cached.
Understanding Cloudflare’s Caching
By default, Cloudflare only caches static content. This includes JPG, GIF, JS, CSS, and more files. HTML content, which often changes more frequently, is not cached by default. As a result, you typically don’t need to purge the cache in Cloudflare unless you make changes to your static content, such as JS or CSS files.
The Role of a WordPress Plugin
A WordPress plugin can interact with Cloudflare via its API to automate specific tasks. For instance, if you have configured Cloudflare to cache HTML content, you can set your WordPress plugin to purge the cache every time you post new content. However, it’s important to note that this doesn’t provide any performance gain – it simply automates a task you could do manually through the Cloudflare interface.
The Cloudflare WordPress Plugin
Cloudflare does offer a default WordPress plugin developed by their team. However, this plugin has been criticized for its poor implementation and lack of robust support compared to other plugins. Essentially, the plugin allows you to perform tasks you could do in the Cloudflare console from your WordPress console. But given its limitations, it might be easier and more efficient to log in to the Cloudflare console and manage everything from there.
The Bottom Line
While a WordPress plugin for Cloudflare can provide some convenience, it doesn’t offer any performance benefits. Suppose you’re not using a specific caching plugin. In that case, avoiding others and managing your Cloudflare settings directly from their console is generally better. This approach gives you complete control and avoids complications from poorly supported plugins.
Setting Up Cloudflare CDN: Getting the API Key
On the left side menu bar, click on [Overview].
Find the “API” section on the right menu bar and click “Get your API token.”
On the “API Tokens” page, you can manage your API keys and tokens.
On the “Global API Key” row, click on [View].
The current article is "4.15. Set Cloudflare CDN" of our Complete SEO Guide Box.
Previous Article: 4.14. Tie Domain & Hosting. Next Article: 4.16. Email+Custom Domain
If you find any mistakes or have ideas for improvement, please follow the email on the Contact page.