Best WordPress Cloudflare plugin settings for faster sites

As a Cloudflare partner, we recommend Cloudflare to be used as a DNS , Firewall and a CDN for the sites we host at WPOven. This guide is a small reference on settings up WordPress Cloudflare Plugin Perfectly and common questions surrounding it. It especially covers how to use Cloudflare in WordPress and how to utilize its free functionality to help your site improve speed and security. This guide does not require your site to be hosted at WPOven, so it applies to everyone who uses WordPress and is interested in using Cloudflare.

Using Cloudflare in WordPress

Setting up Cloudflare for WordPress is quite simple and requires nothing more than an email and access to your Domain registrar settings to change the name server, so Cloudflare is used as the default Domain Name Server. We assume that you already have a WordPress website up and running at the moment, if not, follow this guide on how to get started with Cloudflare for WordPress.

  • Step 1: Signup with Cloudflare, Visit the signup page and use your email to signup and verify it, then log into Cloudflare so that we get started with moving our DNS over to Cloudflare so that we can starting using it with our website.download Best WordPress Cloudflare plugin settings for faster sites
  • Step 2: Once signed up, you will see an add site form, here we will add our site lets say it is weblisty.com. Click Add Site, and then this will take you to the plan selection –
    Cloudflare Add Site
    Select the Free plan for now, which we will cover in this Guide in detail. This is also sufficient for many of the common types of sites we see users run.
    cloudflare free plan Best WordPress Cloudflare plugin settings for faster sites
    Cloudflare will then take some time to import the existing Name Server entries, this process can sometimes take a bit of time, so have patience.
    cloudflare scannig
    Once done, expect to see a list of name server entries. You may change them as required by your setup, but we will let them be as they look fine for now.
    cloudflare ns records Best WordPress Cloudflare plugin settings for faster sites
    Cloudflare will ask you to change the name server records on your domain registrar so that it can take over the functionality of a DNS server and start acting as the frontend to your website.
    Cloudflare NameServers
  • Step 3: The final step is to change the default nameserver and use Cloudflare provided name servers. This will be different for each Domain Registrar. Cloudflare will next run you through a small Quick Start Guide, and we will run through the defaults as they are sufficient and finish the setup.
    cloudflare default Best WordPress Cloudflare plugin settings for faster sites
  • Step 4: If all went well you will arrive at a screen something like given below and we can get started with optimizing Cloudflare for our WordPress website.

    cloudflare setup completed Best WordPress Cloudflare plugin settings for faster sites

Cloudflare WordPress plugin

As you will be using Cloudflare to cache your static assets or even dynamically generated ones, it is best to install the WordPress plugin provided by Cloudflare. This allows you to clear the Cloudflare cache easily in case you change make any updates to your site, it is also needed if you are using the Automatic Platform optimization (APO) feature provided.

To get started with the install it is quite easy , visit the Add new plugin section of WordPress and search for Cloudflare, once the plugin is found, simply click install then activate the plugin, the only configuration required for the plugin is to connect it to Cloudflare so that our site can notify it about the changes.

To connect the site to our Cloudflare plugin we will use the Token Method as we do not wish to share global API so use the following settings to create the custom token –

cloudflare wordpress token Best WordPress Cloudflare plugin settings for faster sites

Once the token is created , copy the token and active the plugin you will see the following page –

Wordpress cloudflare plugin home screen

Most settings will be already configured for best use. 

Cloudflare Domain Name Server (DNS)

This is the core feature of Cloudflare offers, where they will host your DNS and in doing so will also enable the reverse proxy on your site (this can be disabled if required) and offer the various services and enhancements. If you have set up Cloudflare like above, it will import your existing NS records by default and you can easily add more if required. Cloudflare also comes in very handy to host DNS if your domain registrar does not provide any options to set advanced NS records or provides limited functionality.

DNS records are instructions provided by DNS servers that contain information on how to process a domain or a hostname. There are various types of DNS records that are used by different services. In our case, we are mainly interested in the Address name commonly known as A name and the Canonical name commonly known as the C Name.

  • A Name: This record tells how the Domain name maps to the IP Address of the server
  • C Name: tells how one domain points to another domain.

Listed below are some common domain name records –

http://www.electricmonk.org.uk/wp-content/uploads/2013/06/dns_records.bmp ( Convert it into table )

For our current requirements we will only set up the A name and point the www C name to the IP of our server –

cloudflare dns default Best WordPress Cloudflare plugin settings for faster sites

As the default setup is sufficient for most users, we will not cover this in detail, for more information you can visit the Cloudflare help section.

Cloudflare Content Delivery Network (CDN)

cdn Best WordPress Cloudflare plugin settings for faster sites

A content delivery network (CDN) refers to a geographically distributed group of servers that work together to provide access to your site based on the user’s location. Cloudflare CDN is provided as a free service to sites whose DNS is hosted on Cloudflare. By default all static assets are cached, and this helps improve load time for your site through the main page is still fetched from your server ( you can change this behavior as we will see later on ).

Cloudflare then serves these static assets from the data center nearest to the user, reducing loading time and decreasing bandwidth and server load on our server. To enable CDN on your site, the only thing required is that Cloudflare is enabled on your site and it is not in bypass mode, it will show an Orange cloud in your NS Record if it’s behind Cloudflare. As a WordPress user you also have an option of using other CDN’s also, we have written about it in the past, which you can read here.
Here is a quick comparison of loading time with CDN enabled and CDN for a Vanilla eCommerce site currently, there are no optimizations applied ( Since the site is hosted in a Dallas Datacenter, we did the test from Sydney ) –

 gtmetric speedup 1 Best WordPress Cloudflare plugin settings for faster sites

As you can see the site is not doing too great by default ( we are using Gtmetrix ), Now we will enable the CDN after 2 – 3 refresh, we get the following ( Things have improved )

gtmetric speedup 2 Best WordPress Cloudflare plugin settings for faster sites
If you wish to go even further and mainly run a static HTML site, you can improve things further and have Cloudflare completely cache your site and have it load really fast the world over. To do this, you will need to add a few page rules in Cloudflare, This will make Cloudflare even cache the main pages and reduce the Time to first Byte (TTFB) even further.

pagerule fullcache Best WordPress Cloudflare plugin settings for faster sites

As page rules will not allow you to work on your site directly, you will need to setup a local hosts file entry on your machine, which points your domain directly to your server. You can read about setting these host records. This will also require a Cloudflare plugin installed on your site to clear cache when you have made the changes. You can download it here or using the internal WordPress Add new plugins search.

Here is a quick comparison with the rule enabled and load time before and after the rules were put in place. You can think of this as your own free Cloudflare APO alternative.

gtmetric speedup 3 Best WordPress Cloudflare plugin settings for faster sites

keycdn global ping Best WordPress Cloudflare plugin settings for faster sites

If you wish to take the numbers even further up with near 100 ratings on GTMetrix you can explore the nitro boost feature on our WPOhub plugin which delays the Javascript load and increases both Pagespeed and GTMetrix performance. 

Cloudflare SSL

Another great feature of Cloudflare is the free SSL offered to all websites hosted through it. This feature ensures that communication between your site and the clients is secure and cannot be snooped. Cloudflare supports multiple ways on how to set it up. Cloudflare supports three common ways –

cloudflare ssl setup Best WordPress Cloudflare plugin settings for faster sites

We recommend the Full or the Strict mode, The default settings are usually fine for most setups, but if required, you can Tweak the following settings –

  • Under Edge Certificates, Enable “Always Use HTTPS” , this will not allow unsecured access to your site.
  • Similarly, set “Minimum TLS Version” to 1.2 as below that it is not considered secured, also if your compliance standard requires it.
  • Similarly, enable “Automatic HTTPS Rewrites” this will make sure you do not get a mixed content warning when you migrate from a http to a https site.

cloudflare ssl report Best WordPress Cloudflare plugin settings for faster sites

Cloudflare Automatic Platform Optimization (APO)

By default Cloudflare only caches static assets for the sites and can cache pages if you require but this entails some extra steps to update and work with the site. By Defaults, Cloudflare also has this special setup with WordPress where if you use the provided WordPress plugin, even the pages are cached and does not require any special setups. With APO, all assets, including the pages, are moved to the edge nodes, reducing the TTFB for the site globally, giving a more positive experience overall. This functionality available as a 5$ paid addon on the free plan and requires an additional Cloudflare WordPress Plugin to be added to the site.
As this is a paid addon we will not be covering it here at the moment.

WordPress Firewall using Cloudflare

Another very useful feature of Cloudflare is the Web Application Firewall it offers on all sites. For a simple WordPress Firewall, we recommend at least 2 rules which will help you protect against content brute force attacks against the xmlrpc.php and wp-login.php , If you are using a strong password, you should not be worried, but a lot of requests from bots do cause excessive CPU and resource usage.

To get started we will first whitelist our own IP address. Under Firewall > Tools You can add your own IP ( google “whats my ip” to know your public ip), if you have a dynamic IP you can put in a IP range similar to the IP you are assigned at different times.

cloudflare ip whitelist Best WordPress Cloudflare plugin settings for faster sites

Next we go and add a few page rules to address the most common issues we usually see with a standard WordPress Site.

1. Block access to the wp-login.php, this page is used to login into your site and is a common endpoint for attackers to perform brute-force attacks on, so we will create a rule to check if the browser is being used and also perform additional checks to make sure it is not a bot.
Create a Page rules like given below and deploy –

cloudflare wp login Best WordPress Cloudflare plugin settings for faster sites

You can also use a plugin like to hide WordPress login  to avoid adding this rule. 

2.  We will also restrict access to xmlrpc.php, so it is also not used for brute-force attacks on the site, So in Firewall under firewall Rules you can create the following rule, we will block all access other than to JetPack ( You can find a list of JetPack IP range on this page )

cloudflare firewall rules Best WordPress Cloudflare plugin settings for faster sites

You can also use the expression below and build the rule –

Using these two basic rules we can block the most common brute force and automated threats the WordPress faces.

Leave a Reply

Your email address will not be published. Required fields are marked *