Best WordPress Cloudflare plugin settings for faster sites

As a Cloudflare partner, we recommend Cloudflare to be used as a DNS, Firewall, and CDN for the sites we host at WPOven. This guide is a small reference on setting up WordPress Cloudflare Plugin Perfectly and common questions surrounding it. It especially covers how to use Cloudflare in WordPress and how to utilize its free functionality to help your site improve speed and security. This guide does not require your site to be hosted at WPOven, so it applies to everyone who uses WordPress and is interested in using Cloudflare.

Using Cloudflare in WordPress

If you are going to use Cloudflare for your website, the complete setup is quite easy. It simply requires nothing more than your email and access to your Domain registrar settings. You are required to change the name server so that Cloudflare is used as the default DNS.

 To demonstrate the complete setup, Let us Assume you have a running WordPress website and follow the steps given below:

  • Step 1: Sign up with Cloudflare, Visit the signup page and use your email to sign up and verify it, then log into Cloudflare so that we get started with moving our DNS over to Cloudflare so that we can start using it with our Best WordPress Cloudflare plugin settings for faster sites
  • Step 2: Once signed up, you will see an add site form, here we will add our site let’s say it is Click Add Site, and then this will take you to the plan selection –
    Cloudflare Add Site
    Select the Free plan for now, which we will cover in this Guide in detail. This is also sufficient for many of the common types of sites we see users run.
    cloudflare free plan Best WordPress Cloudflare plugin settings for faster sites
    Cloudflare will then take some time to import the existing Name Server entries, this process can sometimes take a bit of time, so have patience.
    cloudflare scannig
    Once done, expect to see a list of name server entries. You may change them as required by your setup, but we will let them be as they look fine for now.
    cloudflare ns records Best WordPress Cloudflare plugin settings for faster sites
    Cloudflare will ask you to change the name server records on your domain registrar so that it can take over the functionality of a DNS server and start acting as the front end of your website.
    Cloudflare NameServers
  • Step 3: The final step is to change the default nameserver and use Cloudflare-provided name servers. This will be different for each Domain Registrar. Cloudflare will next run you through a small Quick Start Guide, and we will run through the defaults as they are sufficient and finish the setup.
    cloudflare default Best WordPress Cloudflare plugin settings for faster sites
  • Step 4: If all went well you will arrive at a screen something like given below and we can get started with optimizing Cloudflare for our WordPress website.
    cloudflare setup completed Best WordPress Cloudflare plugin settings for faster sites

Cloudflare WordPress plugin

As you will be using Cloudflare to cache your static assets or even dynamically generated ones, it is best to install the WordPress plugin provided by Cloudflare. This allows you to clear the Cloudflare cache easily in case you make any updates to your site, it is also needed if you are using the Automatic Platform optimization (APO) feature provided.

To get started with the installation it is quite easy, visit the Add New Plugin section of WordPress and search for Cloudflare, once the plugin is found, simply click Install then activate the plugin, the only configuration required for the plugin is to connect it to Cloudflare so that our site can notify it about the changes.

To connect the site to our Cloudflare plugin we will use the Token Method as we do not wish to share global API so use the following settings to create the custom token –

cloudflare wordpress token Best WordPress Cloudflare plugin settings for faster sites

Once the token is created, copy the token and active the plugin you will see the following page –

Wordpress cloudflare plugin home screen

Most settings will be already configured for best use. 

Cloudflare Domain Name Server (DNS)

This is the core feature of Cloudflare offers, where they will host your DNS and in doing so will also enable the reverse proxy on your site (this can be disabled if required) and offer various services and enhancements. If you have set up Cloudflare like above, it will import your existing NS records by default and you can easily add more if required. Cloudflare also comes in very handy to host DNS if your domain registrar does not provide any options to set advanced NS records or provides limited functionality.

DNS records are instructions provided by DNS servers that contain information on how to process a domain or a hostname. There are various types of DNS records that are used by different services. In our case, we are mainly interested in the Address name commonly known as the A name, and the Canonical name commonly known as the C Name.

  • A Name: This record tells how the Domain name maps to the IP Address of the server
  • C Name: tells how one domain points to another domain.

Listed below are some common domain name records – ( Convert it into table )

For our current requirements, we will only set up the A name and point the www C name to the IP of our server –

cloudflare dns default Best WordPress Cloudflare plugin settings for faster sites

As the default setup is sufficient for most users, we will not cover this in detail, for more information you can visit the Cloudflare help section.

About Cloudflare Content Delivery Network (CDN)

cdn Best WordPress Cloudflare plugin settings for faster sites

A CDN or Content Delivery Network refers to a group of servers that are geographically distributed around the globe. These servers work together to provide access to your website based on the visitor’s location.

Cloudflare CDN is provided as a free service to sites whose DNS is hosted on Cloudflare. By default, all static assets are cached, and this helps improve load time for your site because the main page is still fetched from your server ( you can change this behavior as we will see later on ).

Cloudflare then serves these static assets from the data center nearest to the user, reducing loading time and decreasing bandwidth and server load on our server. To enable CDN on your site, the only thing required is that Cloudflare is enabled on your site and it is not in bypass mode, it will show an Orange cloud in your NS Record if it’s behind Cloudflare.

As a WordPress user, you also have an option of using other CDNs also, we have written about it in the past, which you can read here.
Here is a quick comparison of loading time with CDN enabled and CDN for a Vanilla eCommerce site currently, there are no optimizations applied ( Since the site is hosted in a Dallas data center, we did the test from Sydney ) –

gtmetric speedup 1 Best WordPress Cloudflare plugin settings for faster sites

As you can see the site is not doing too great by default ( we are using Gtmetrix ), Now we will enable the CDN after 2 – 3 refreshes, and we get the following ( Things have improved )

gtmetric speedup 2 Best WordPress Cloudflare plugin settings for faster sites
If you wish to go even further and mainly run a static HTML site, you can improve things further and have Cloudflare completely cache your site and have it load really fast the world over. To do this, you will need to add a few page rules in Cloudflare, This will make Cloudflare cache the main pages and reduce the Time to First Byte (TTFB) even further.

pagerule fullcache Best WordPress Cloudflare plugin settings for faster sites

As page rules will not allow you to work on your site directly, you will need to set up a local host file entry on your machine, which points your domain directly to your server. You can read about setting these host records. This will also require a Cloudflare plugin installed on your site to clear the cache when you have made the changes. You can download it here or using the internal WordPress Add new plugins search.

Here is a quick comparison of the rule enabled and load time before and after the rules were put in place. You can think of this as your own free Cloudflare APO alternative.

GTmetrix website performance report
GTmetrix website performance report
CDN performance of website
CDN performance of the website

If you wish to take the numbers even further up with near 100 ratings on GTMetrix you can explore the nitro boost feature on our WPOhub plugin which delays the Javascript load and increases both Pagespeed and GTMetrix performance. 

Cloudflare SSL

Another great feature of Cloudflare is the free SSL offered to all websites hosted through it. This feature ensures that communication between your site and the clients is secure and cannot be snooped. Cloudflare supports multiple ways on how to set it up. Cloudflare supports three common ways –

cloudflare ssl setup Best WordPress Cloudflare plugin settings for faster sites

We recommend the Full or the Strict mode, The default settings are usually fine for most setups, but if required, you can Tweak the following settings –

  • Under Edge Certificates, Enable “Always Use HTTPS”, this will not allow unsecured access to your site.
  • Similarly, set “Minimum TLS Version” to 1.2 as below that it is not considered secure, also if your compliance standard requires it.
  • Similarly, enable “Automatic HTTPS Rewrites” This will make sure you do not get a mixed content warning when you migrate from a http to a https site.
cloudflare ssl report Best WordPress Cloudflare plugin settings for faster sites

Cloudflare Automatic Platform Optimization (APO)

If you use Cloudflare, by default it caches only static assets of a website. But it can also cache webpages if required. The only problem is, that you have to go for some extra steps to update and work with the website.

But this problem can also be solved if you choose to use Cloudflare WordPress Plugin. The plugin will make everything automatic for you and reduce these extra steps.

Let us see how it works.

With APO, all website asses, that include pages are moved to the edge nodes. It reduces the TTFP of the website globally and enhances the overall user experience.

This functionality is available as a 5$ paid addon on the free plan and requires an additional Cloudflare WordPress Plugin to be added to the site.
As this is a paid addon we will not be covering it here at the moment.

WordPress Firewall using Cloudflare

Another plus point of using Cloudflare is, that you will have its Web Application Firewall offered on all websites.

We recommend you to follow at least 2 rules, that will help you to protect your website from the majority of the attacks. e.g. DDoS, Brute force, etc.

If you are already using a strong password for your website, then you should no the worried. However, a lot of requests from bots or attackers can harm your CPU and excessive resource usage.

To begin with the rules, first you need to whitelist your own IP address. To do this, Go to Cloudflare Panel > Click on “Firewall” Tab > Tools.

In the Tools section, you can add your own IP ( google “whats my IP” to know your public IP), if you have a dynamic IP you can put in an IP range similar to the IP you are assigned at different times.

cloudflare ip whitelist Best WordPress Cloudflare plugin settings for faster sites

Next, we will add a few page rules to address the most common issues we usually see with a standard WordPress Site.

1. Block access to the wp-login.php, this page is used to log into your site and is a common endpoint for attackers to perform brute-force attacks on, so we will create a rule to check if the browser is being used and also perform additional checks to make sure it is not a bot.
Create a Page rule like given below and deploy it –

cloudflare wp login Best WordPress Cloudflare plugin settings for faster sites

You can also use a plugin like to hide WordPress login to avoid adding this rule. 

2.  We will also restrict access to xmlrpc.php, so it is also not used for brute-force attacks on the site, in Firewall under firewall Rules you can create the following rule, we will block all access other than to JetPack ( You can find a list of JetPack IP range on this page )

cloudflare firewall rules Best WordPress Cloudflare plugin settings for faster sites

You can also use the expression below and build the rule –

Using these two basic rules we can block the most common brute force and automated threats the WordPress faces.

Leave a Reply

Your email address will not be published. Required fields are marked *