Do you want to use Cloudflare CDN on your WordPress site?
Cloudflare is one of the best WordPress CDN and firewall services available in the market. They offer a free CDN that speeds up your website along with a suite of powerful security features for small business websites.
The challenge is that many entry-level users are not able to utilize Cloudflare because they think it is hard to set up.
In this guide, we will walk you through a complete Cloudflare setup in WordPress to help you improve your website speed.
Table of Contents:
- What is CDN? Why You Need It?
- What is Cloudflare CDN?
- MaxCDN vs Cloudflare
- Setting Up Cloudflare CDN in WordPress
- Method 1: Cloudflare Setup from Web Host cPanel (SiteGround)
- Method 2: Setting Up Cloudflare Manually
- Configuring Most Important Cloudflare Settings
- Optimizing Cloudflare for WordPress
What is CDN? Why You Need a CDN for Your Site?
A CDN or Content Delivery Network is a system of distributed servers which helps deliver your website files faster to the users based on their geographic location.
Typically, a web hosting service serves your website visitors from a single location. All the users access the same server, no matter where they are located. This can result in a delay in content delivery for users living further away from your website’s central hosting server.
CDN solves this problem by setting up multiple edge servers in different locations around the globe. These CDN servers cache static content from your site’s origin/central server, store, and present them to the users after they request for it.
When there is a user request, the CDN server closest from the user’s location will handle it. For example, if someone in the USA wants to access a UK-hosted website, then a CDN server in the USA will serve that request, not the main sever in the UK.
With CDN, all the user requests are handled by the nearest CDN servers. This mitigates the physical distance between the visitors and your website’s server. As a result, your website loads faster for all users regardless of their geographic location.
A faster website also improves user experience and gives your website a slight boost in SEO rankings.
Using a CDN also reduces the load on your primary server and protects it from crashing during traffic spikes. If you want to learn more, see our guide on why you need a CDN for your WordPress blog.
What Is Cloudflare CDN?
Cloudflare is the most popular free CDN provider available on the internet. It is a large network of globally distributed servers which automatically cache static content and deliver dynamic content swiftly.
On top of a CDN service, Cloudflare is also a cloud-based website firewall and a distributed proxy server. It monitors all incoming traffic to your website and blocks suspicious traffic even before it reaches your server.
They offer a free basic plan that’s suitable for small business websites and blogs. They also offer paid plans starting at $20 per month.
Cloudflare is an excellent choice for small businesses looking for a free CDN. However, if you want to fully utilize all Cloudflare features, then you will need the Business plan which costs $200 / month.
Editor’s note: We do not use Cloudflare on WPBeginner. Instead we use MaxCDN (now part of StackPath) for our CDN service. They do not force you to use their DNS and offer more reasonable pricing at scale.
MaxCDN vs. Cloudflare – What’s the Difference?
MaxCDN and Cloudflare are both quite different services actually. While MaxCDN is focused on serving your content through their CDN, Cloudflare is more focused on security and spam control.
They both use different technologies to serve content through their networks. MaxCDN serves content from your website’s DNS using pullzones, simply put they mirror your website. Cloudflare, on the other hand, serves content through their own DNS, and you are asked to change your website’s DNS to point to their servers.
Cloudflare acts as a proxy between you and your website’s visitors, which means you give up a lot of control. Whereas MaxCDN acts as a reverse proxy, which means you have all the control.
Cloudflare is better at optimizing your page speeds by preventing your site from malicious bots, attackers, and suspicious crawlers. MaxCDN is better at improving your website speed by serving your static content through their servers located around the world.
Cons of Using Cloudflare
The biggest user complaint with Cloudflare is that while it speeds up your website, sometimes it will add a second loading screen for security verification purposes which defeats the purpose of speed because users often have to wait 5 seconds before they can see your website.
Sometimes it can also display a CAPTCHA page asking users to prove that they are human. This creates a bad experience for first-time visitors who may never revisit the site.
Setting Up Cloudflare on Your WordPress Site
Setting up Cloudflare on a WordPress site is quite easy. There are two different methods:
- By using a single-click Cloudflare setup option in your host’s control panel
- By signing up manually on Cloudflare website
The first method is the easiest way to enable Cloudflare CDN on your WordPress blog. Some of the top WordPress hosting services like SiteGround have partnered with Cloudflare to offer an easy setup option through their control panel.
If your web host doesn’t offer a built-in Cloudflare setup option, then you can manually add the service on your site. We will show both of these methods in details below.
Method 1: Setting up Cloudflare CDN with One-Click Setup Option in cPanel
As we mentioned earlier that some WordPress hosting providers like SiteGround offer an easy option to configure Cloudflare CDN in WordPress.
These web hosts provide a built-in Cloudflare integration app in your hosting cPanel to enable the service with just a few clicks.
This Cloudflare setup option works similarly with most hosting providers that have the integration. For your reference, we will show the setup process on SiteGround hosting.
Enabling Cloudflare CDN on SiteGround
If you are using SiteGround as your WordPress hosting company, then you can set up Cloudflare CDN on your site in just a few minutes.
To get started, login to your cPanel and navigate to the ‘Site Improvement Tools’ section. After that, click on the ‘Cloudflare’ icon.
SiteGround recently started switching to a new control panel. If you’re using the new panel, then you’ll see Cloudflare listed under Speed tab. For example, take a look at the screenshot below.
To enable Cloudflare free CDN on your website, just click on the ‘Set Up’ button to continue.
After that, you will see a popup asking you to create a Cloudflare account or connect to your existing one.
Next, you will see a message indicating that the CDN activation is in progress. Once it is complete, the Cloudflare CDN will be active on your WordPress site.
Method 2: Setting up Cloudflare CDN in WordPress Manually
If your web hosting doesn’t have a single click Cloudflare configuration option, then you can use this method. It can take a few more minutes, but it is also easy and user-friendly.
To begin, you need to visit CloudFlare website and click on the ‘Sign Up’ button.
On the next page, you need to enter your email address and password to create a Cloudflare account. Simply enter the information required, and then click on the ‘Create Account’ button.
After that, you need to enter your website’s URL.
On the next screen, you will be asked to choose a plan. For the sake of this tutorial, we will select a free plan.
After that, Cloudflare will show you a list of all DNS records their systems found. This will include your subdomains as well.
The DNS records you want to be passed through Cloudflare will have orange cloud icon. The DNS records that will bypass Cloudflare will have a gray cloud icon.
You need to review the list to make sure that your primary domain is active on Cloudflare with an orange cloud icon.
Once you verify your DNS records, click on the Continue option at the bottom.
On the next and the final step of your setup, Cloudflare will ask you to update your nameservers. You will be asked to change your name servers and point them to Cloudflare nameservers.
Notice: Changing name server can take some time to propagate through all over the internet. During this time, your website may become inaccessible for some users.
You can change name servers either from your domain registrar account like Domain.com, or if you got a free domain from your web hosting provider like Bluehost, then you will have to change the name server by logging into your hosting account.
For the sake of this tutorial, we will be showing you how to change the name servers from the Bluehost control panel. While the process is similar across hosting companies, you can always ask your hosting provider for detailed instructions for their control panel.
Once you are logged on to your Bluehost cPanel dashboard, go to ‘Domains’ section, and select your domain name. After that, click on the ‘Name Servers’ tab and ‘Edit’ option.
Next, you need to select ‘Custom’ and enter the nameservers provided by Cloudflare.
After that, you need to go back to Cloudflare setup page, and click on ‘Done, check nameservers’ button to finish the setup.
That’s it! Now it will take a few minutes to update your domain nameservers and activate Cloudflare.
Once activated, you will see the success message on your Cloudflare dashboard.
You can now customize your Cloudflare settings from this dashboard. We will show you the most critical settings in the next section.
Note: The above screenshots show Bluehost control panel. Your nameserver settings may look different if you’re using a different hosting provider.
Configuring Most Important Cloudflare Settings
Your basic Cloudflare set up is complete, but there are a few essential settings you need to configure to keep your WordPress site secure.
1. Configure WordPress Specific Page Rules
By setting up page rules, you can customize how Cloudflare works on specific pages on your site. It is especially useful in securing critical pages like login page, wp-admin area, etc.
Cloudflare free account allows you to set up three page-rules. If you want to add more page rules, then you need to pay $5 per month for five additional rules.
First, you need to click on the Page Rules option at the top and then click on the Create Page Rule button.
After that, you can set up the following three page-rules.
a) Secure your WordPress login page
Page URL: example.com/wp-login.php*
Setting: Security Level; High
b) Exclude WordPress Dashboard from Cloudflare and Enable High Security
Page URL: example.com/wp-admin*
Settings: Security Level; High
Cache Level; Bypass
Disable Performance
Disable Apps
c) Force HTTPS
Page URL: http://*example.com/*
Setting: Always use HTTPS
2. Configure SSL Certificate Settings
Another important setting is the SSL certificate available in the ‘SSL/TSL’ menu at the top.
Make sure to choose ‘Full’ if you are already using SSL.
If you don’t have an SSL certificate, then see our guide on how to get a free SSL certificate for your website.
Once done, Cloudflare will provide a coveted green padlock to signify that your website is secure.
Optimizing Cloudflare for WordPress Using a Plugin
Cloudflare offers a dedicated WordPress plugin for one-click WordPress-optimized settings. The plugin lets you quickly set up Cloudflare on your WordPress site, add web application firewall (WAF) rulesets, automatically purge the cache, and more.
To get started, install and activate the Cloudflare plugin on your website. For more details, see our step by step guide on how to install a WordPress plugin.
Once done, you need to visit Settings » Cloudflare from your admin panel to configure Cloudflare settings.
On the settings page, you will see a Create Your Free Account button and Sign-in option for already existing accounts. Simply click on the sign-in option.
On the next screen, you will need to enter your Cloudflare email and API key.
You can find your API key in your account area on the Cloudflare website.
Simply open the ‘My Profile’ page and then click on the API tokens. After that, go to the Global API Key section and click on the View button.
This will open a popup and display your API key. You need to copy the key.
Next, come back to your WordPress dashboard and enter your email address and API key.
After that, Cloudflare home page will appear on your dashboard. From there, you can apply a single-click WordPress optimization, purge cache, enable automatic cache, etc.
You can find more Cloudflare options by clicking on the Settings option.
It also shows stats such as visitors, bandwidth saved, threats blocked, etc. from the Analytics option.
We hope this article helped you to learn how to set up Cloudflare free CDN in WordPress. You may also want to see our complete WordPress website security guide.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
When I tried to add the page rules for my wordpress login page, I got message “Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.”
Is anything I did wrong? Or I just need to wait for a little while to try again?
You would want to check with your hosting company for that specific error as that normally means they have a security rule set to prevent certain things on your site.
I s there a way to turn off the second loading screen for security verification purposes and that CAPTCHA page which you have mentioned in the Cons of Cloudflare?
You should be able to change the settings to remove that if you wanted but you would want to check with CloudFlare for the current method.
I’m setting up Cloudflare – thanks to your article! I’ve already got W3 super cache plugin – do I need both? Are they going to confuse each other? Total newb question I know!
They have slightly different functions and there is an integration so the two can work with each other without an issue.
Thank you for this guide. It helped me reduce the time my page loads
Glad our guide was helpful
What if someone mistakenly adds the wrong parameters in page rules and then deployed it. Is there any way back to change page rules after deploying it?
You can change your settings after setting them if you need to.
thanks for sharing this content
You’re welcome
Probably a noob question, but I have a lot of existing video and photo files on my site. Will they all be migrated to Cloudflare’s CDN or do I have to do that manually? I followed the setup steps, but my content still takes forever to load, and when I view its URL, it’s still showing my site’s URL and path.
You shouldn’t need to transfer your content, for the slow loading you may want to reach out to CloudFlare for them to take a look
Thanks so much for this, helps a lot!
Just to be clear, even though I’ve added my site to cloudflare, I still need to get an SSL cert separately? Cloudflare does not supply ssl cert?
Thanks again!
You would want to take a look again under the Configuring Most Important Cloudflare Settings section for CloudFlare’s SSL
Admin, kindly answer these question like
After changing the DNS, who is actually will my hosting provider? The hoster OR cloudflare and all editing can be done by same cpanel?
Your hosting provider would still be your hosting provider.
thank you very much, I was looking for a proper step-by-step Cloudflare set up! and TA DA!! you guys are savior.
It would be great if you publish about the best of cloudflare settings, from the plugin.
Glad you found our article helpful
Thank you for such a great publications, it really help me set up my cloud flare account easily. Keep the good work.
You’re welcome, glad our guide was helpful
Very helpful information and with the pictures for verification i could confirm everything instead of guessing, thankyou very much for compiling this! It is BRILLIANT
You’re welcome, glad our guide could be helpful
superb guide, easy to follow thanks
Glad our guide was helpful
I want to know which is the best CDN ? cloud Flare or max
Hi Randhir,
At WPBeginner, we recommend MaxCDN. However, if you want to use the free CDN, then Cloudflare can be a good solution.
If i will use cloudfare free version and will change the nameserver then it means my website will run on cloudfare server then how i can edit my website? through cloudfare or my present hosting provider? pls tell me detail.
The only reason I use cloudflare because you can hide where you hosting the site.
i am wondering..
for cloudflare, we need to point the DNS to theirs..
so how we gonna use custom email set up using our own domain (which also need to point the DNS to the email provider) ?
as far as i know, we can’t use two DNS .. (actually we can, but it is expensive)
I am using custom email and cloudflare. Cloudflare doesn’t affect my custom email working.
If my domain is from go daddy and hostino is from inmotion hosting and I change my domain name server to my hosting now I want to join cloudfare to it then what can I do?
I try to help answer. from godaddy change nameserver to cloudflare, and from cloudflare, set up your DNS and point to your in motion hosting ip address.
After Setting Our Host DNS To Cloudfare DNS, Which bandwidth and storage will be used from our local hosting plan e.g godaddy, namecheap etc or Cloudfare ?
The reasons why I don’t use cloudflare is because of changing the nameservers and second like in this article : it blocks some of the legitime users and that is what I really hate.
I don’t use third party websites where I don’t have full control of it. I saw a couple of times there are you human google click on pictures and it takes forever.
MaxCDN is the only option because you only have to add a cname .. but still ..
The reasons why I don’t use cloudflare is because of changing the nameservers and second like in this article : it blocks some of the legitime users and that is what I really hate.
I don’t use third party websites where I don’t have full control of it. I saw a couple of times there are you human google click on pictures and it takes forever.
MaxCDN is the onlly option because you only have to add a cname .. but still ..
My site is on wordpress and running on godaddy vps server with ssl certificate but it has lots of page load time, now, should I go for cdn cloud flare free account if yes than what about all static IP given with vps account , they will not useable and is vps based site need cloud flare ?
Page loading time is an important issue to get good user experience. This LoudFlare helps us to increase the page loading. Can you tell me which one is better to improve page speed, plugin or CDN?
HI
Just to let you know
I have had a joomla website working on the Free plan and SSL
Not sure if your previous post is now outdated but it is possible.
Regards
You can use the provided Cloudflare SSL but you are unable to use your own SSL on free account
bro can we use this for blogspot blog ?
of course
why not
This was very helpful. Thanks.
i am actually caught in between-
which provider should i choose for my site,
between cloudfare or maxcdn
We use MaxCDN for our sites.
This is truly awesome tip. Anyways, I have a question. If my website contents and domain name are hosted in different hosting companies. In this case, I need to change Name Servers to CloundFlare for both. Am I correct?
Did you find the solution for this as i have different hosting provider and domain name provider is different .If you know the solution then please let me know
after changing the DNS, who is actually will my hosting provider? The hoster OR cloudflare and all editing can be done by same cpanel?
Really very helpful article i have setup my wordpress site with cloudflare
What minification services do you recommend that work well with Cloudfare? This is for a WordPress site that may have potentially high traffic spikes out of the blue. Thanks
I live at the bottom of Africa (Cape Town) with none of their servers close to me am I correct in thinking that Cloud Flare will slow down my website. Most of my traffic is local. I have the same issues with CDNs none of them are close to my location, Europe is the closest. Is my thinking correct?
CloudFlare would add a little latency because we currently don’t have any data centers in SA just yet (being looked at). Visitors from SA would currently hit a data center in Europe.
On the other hand, if you have visitors from a lot of other locations (EU, America, Asia, etc.), then the site would be faster for them.
was just checking ,looks like they have servers in johannesburg.
I have heard about cloudflare but have not tried to make use of it, bout talking about the fact that my site might be down during the propagation of my name server,how long could this take?
It varies, it can take a few hours to a full day.
You will not experience any downtime while you switch to Cloudflare if you do it correctly.
You should not have any downtime at all switching to CloudFlare’s nameservers.
I am a huge fan of CloudFlare. At my shop, we do a lot of sites for professional photographers. CF does an amazing job at making image heavy pages load in a snap!
One tip, don’t forget about CF’s developer mode when you’re making changes. I’ve bashed my head against the wall for some time when my CSS changes weren’t showing up — CF was serving a cached page!
When my website has ‘heavy load’ CloudFlare will make the users access screenshot of the website.
Cloudflare breaks my site’s design. I have a off-canvas menu and Cloudflare’s rocketloader and minification breaks ,y site’s design. So, I have to stick with basic W3 Total cache. Besides Cloudflare actually speeds up your site.
Those features are actually optional and easy to turn off. If you’re using a minify service already, then you don’t want to turn ours on as well (something eventually will break running two minify options at the same time). Rocket Loader would have the potential to impact JavaScript and jQuery & would generally impact something like widgets.
What WordPress theme were you using? That way we can know to avoid using that theme with Cloudfare.