Do you want to use the free Cloudflare CDN on your WordPress site?
Cloudflare is one of the best WordPress CDN services available in the market. They offer a free CDN that speeds up your website along with a suite of powerful security features for small business websites.
The challenge is that many entry-level users are not able to use Cloudflare because they think it is hard to set up.
In this guide, we will walk you through a complete Cloudflare setup in WordPress to help you improve your website speed.
Table of Contents:
- What is a CDN? Why Do You Need It?
- What is Cloudflare CDN?
- Setting Up Cloudflare CDN in WordPress
- Method 1: Cloudflare Setup from Web Host cPanel (SiteGround)
- Method 2: Setting Up Cloudflare Manually
- Configuring Most Important Cloudflare Settings
- Optimizing Cloudflare for WordPress
What is a CDN? Why Do You Need a CDN for Your Site?
A CDN or Content Delivery Network is a system of distributed servers which helps deliver your website files faster to the users based on their geographic location.
Typically, a web hosting service serves your website visitors from a single location.
All the users access the same server, no matter where they are located. This can result in a delay in content delivery for users living further away from your website’s central hosting server.
CDNs solves this problem by setting up multiple edge servers in different locations around the globe.
These CDN servers cache static content from your site’s origin/central server, store, and present them to the users after they request for it.
When there is a user request, the CDN server closest from the user’s location will handle it.
For example, if someone in the USA wants to access a UK-hosted website, then a CDN server in the USA will serve that request, not the main sever in the UK.
With a CDN, all the user requests are handled by the nearest CDN servers. This mitigates the physical distance between the visitors and your website’s server.
As a result, this improves your website performance and speed for all users regardless of their geographic location.
A faster website also improves user experience and gives your website a slight boost in SEO rankings.
Using a CDN also reduces the load on your primary server and protects it from crashing during traffic spikes. If you want to learn more, see our guide on why you need a CDN for your WordPress blog.
What is Cloudflare CDN?
Cloudflare is one of the most popular free CDN providers available on the internet. It is a large network of globally distributed servers which automatically cache static content and deliver dynamic content swiftly.
On top of a CDN service, Cloudflare is also a cloud-based website firewall and a distributed proxy server. It monitors all incoming traffic to your website and blocks suspicious traffic even before it reaches your server.
They offer a free basic plan that’s suitable for small business websites and blogs. They also offer paid plans starting at $20 per month.
Cloudflare is an excellent choice for small businesses looking for a free CDN. However, if you want to fully utilize all of Cloudflare’s features, then you will need the Business plan which costs $200 per month.
Editor’s note: We do not use Cloudflare on WPBeginner. Instead we use Sucuri as a website firewall and CDN. This firewall has the double benefit of improving speed and security.
Setting Up Cloudflare on Your WordPress Site
Setting up Cloudflare on a WordPress website is quite easy. There are two different methods:
- By using a single-click Cloudflare setup option in your host’s control panel
- By signing up manually on Cloudflare website
The first method is the easiest way to enable the Cloudflare CDN on your WordPress blog.
Some of the top WordPress hosting services like SiteGround have partnered with Cloudflare to offer an easy setup option through their control panel.
If your web host doesn’t offer a built-in Cloudflare setup option, then you can manually add the service on your site. We will show both of these methods in details below.
Method 1: Setting up Cloudflare CDN with One-Click Setup Option in cPanel
We mentioned earlier that some WordPress hosting providers, like SiteGround, offer an easy option to configure Cloudflare CDN in WordPress.
These web hosts provide a built-in Cloudflare integration app in your hosting cPanel to enable the service with just a few clicks.
This Cloudflare setup option works similarly with most hosting providers that have the integration. For your reference, we will show the setup process on SiteGround hosting.
Enabling Cloudflare CDN on SiteGround
If you are using SiteGround as your WordPress hosting company, then you can set up Cloudflare CDN on your site in just a few minutes.
To get started, login to your cPanel account and you will find the ‘Cloudflare’ option listed under the ‘Speed’ tab. For example, take a look at the screenshot below.
To enable Cloudflare free CDN on your website, just click on the ‘Set Up’ button to continue.
Those using the older version of cPanel will find it in the ‘Site Improvement Tools’ section. After that, click on the ‘Cloudflare’ icon.
After that, you will see a popup asking you to create a Cloudflare account or connect to your existing one.
Simply enter an email address and password, then click the ‘Create’ button.
Next, you will see a message indicating that the CDN activation is in progress.
Once it is complete, the Cloudflare CDN will be active on your WordPress site.
Method 2: Setting up Cloudflare CDN in WordPress Manually
If your web hosting doesn’t have a single click Cloudflare configuration option, then you can use this method. It can take a few more minutes, but it is also easy and user-friendly.
To begin, you need to visit Cloudflare website and click on the ‘Sign Up’ button.
On the next page, you need to enter your email address and password to create a Cloudflare account. Simply enter the information required, and then click on the ‘Create Account’ button.
On the next screen, you’ll be asked to choose the type of Cloudflare plan you want.
For this tutorial, we’ll choose the standard Cloudflare plan. Then, click ‘Get Started’
After that, you can choose a free or paid plan.
Scroll down to choose the free plan, and then click ‘Continue’.
After that, you need to enter your website’s URL.
Then, click the ‘Add Site’ button.
After that, Cloudflare will show you a list of all DNS records their systems found. This will include your subdomains as well.
The DNS records you want to be passed through Cloudflare will have orange cloud icon. The DNS records that will bypass Cloudflare will have a gray cloud icon.
You need to review the list to make sure that your primary domain is active on Cloudflare with an orange cloud icon.
Once you verify your DNS records, click on the Continue option at the bottom.
On the next and the final step of your setup, Cloudflare will ask you to update your nameservers. You will be asked to change your name servers and point them to Cloudflare nameservers.
Notice: Changing nameservers can take some time to propagate through all over the internet. During this time, your website may become inaccessible for some users.
You can change name servers from your domain registrar account like Domain.com.
Or, if you got a free domain from your web hosting provider like Bluehost, then you will have to change the name server by logging into your hosting account.
For the sake of this tutorial, we will be showing you how to change the name servers from the Bluehost control panel.
While the process is similar across hosting companies, you can always ask your hosting provider for detailed instructions for their control panel.
Once you are logged on to your Bluehost cPanel dashboard, go to ‘Domains’ section, and select your domain name. After that, click on the ‘Name Servers’ tab and ‘Edit’ option.
Next, you need to select ‘Custom’ and enter the nameservers provided by Cloudflare.
Then, click the ‘Save’ button.
After that, you need to go back to Cloudflare setup page, and click on ‘Done, check nameservers’ button to finish the setup.
It will now check your new nameservers automatically.
That’s it! Now it will take a few minutes to update your domain nameservers and activate Cloudflare.
Once activated, you will see the success message on your Cloudflare dashboard.
You can now customize your Cloudflare settings from this dashboard. We will show you the most critical settings in the next section.
Note: The above screenshots show the Bluehost control panel. Your nameserver settings may look different if you’re using a different hosting provider.
Configuring Most Important Cloudflare Settings
Your basic Cloudflare set up is complete, but there are a few essential settings you need to configure to keep your WordPress site secure.
1. Configure WordPress Specific Page Rules
By setting up page rules, you can customize how Cloudflare works on specific pages on your site. It is especially useful in securing critical pages like login page, wp-admin area, etc.
The Cloudflare free account allows you to set up three page-rules. If you want to add more page rules, then you need to pay $5 per month for five additional rules.
First, you need to click the ‘Rules’ option at the top navigation menu and then click the ‘Create Page Rule’ button.
After that, you can setup three different page rules.
Simply add the following settings below to secure your website.
a) Secure your WordPress login page
Page URL: example.com/wp-login.php*
Settings: Security Level – High
Then, click ‘Save and Deploy’
b) Exclude WordPress Dashboard from Cloudflare and Enable High Security
Page URL: example.com/wp-admin*
Settings: Security Level – High
Cache Level – Bypass
Disable Performance
Disable Apps
Then, click ‘Save and Deploy’
c) Force HTTPS
Page URL: http://*example.com*
Setting: Always use HTTPS
Then, click ‘Save and Deploy’
Note: Some users have reported issues with configuring force HTTPS with Cloudflare.
A great alternative is using the All in One SEO plugin. It’s the best SEO plugin for WordPress used by over 2 million sites.
First thing you need to do is activate and install the plugin. For more details, see our guide how to install a WordPress plugin.
After that, navigate to All in One SEO » General Settings and then enter your license key into the ‘License Key’ box and click ‘Connect’.
You can find your license key in your account profile on the All in One SEO website.
Next, navigate to All in One SEO » Redirects and then click the ‘Full Site Redirects’ menu navigation option.
Scroll down the page until you find the ‘Canonical Settings’ toggle.
Then, click this toggle so it turns blue.
Next, turn on the ‘Redirect from HTTP to HTTPS’ toggle.
This will create a redirect from HTTP to HTTPs.
When you’re done, make sure to click the ‘Save Changes’ button at the bottom or top of the screen.
2. Configure SSL Certificate Settings
Another important setting is the SSL certificate available in the ‘SSL/TSL’ menu at the top.
Make sure to click the ‘Full’ radio button if you are already using SSL.
If you don’t have an SSL certificate, then see our guide on how to get a free SSL certificate for your website.
Once you’re done, Cloudflare will provide a coveted green padlock to signify that your website is secure.
Optimizing Cloudflare for WordPress Using a Plugin
Cloudflare offers a dedicated WordPress plugin for one-click WordPress-optimized settings.
The plugin lets you quickly set up Cloudflare on your WordPress site, add web application firewall (WAF) rulesets, automatically purge the cache, and more.
To get started, install and activate the Cloudflare plugin on your website. For more details, see our step by step guide on how to install a WordPress plugin.
Once done, you need to visit Settings » Cloudflare in your admin panel to configure the Cloudflare settings.
On the settings page, you will see a ‘Create Your Free Account’ button and sign-in option for existing accounts. Simply click the ‘Sign in here’ link.
On the next screen, you will need to enter your Cloudflare email and API key.
Click the ‘Get your API key from here’ link.
This will bring up a popup for your account area on the Cloudflare website.
Make sure you are on your ‘My Profile’ page and then click on the ‘API Tokens’ menu option.
After that, go to the ‘Global API Key’ section and click on the ‘View’ button.
This will open a popup and display your API key.
You need to copy the key.
Next, come back to your WordPress dashboard and enter your email address and API key.
Then, click the ‘Save API Credentials’ button.
After that, the Cloudflare settings will appear on your dashboard.
From here, you can apply a single-click WordPress optimization, purge cache, enable automatic cache, and more.
To optimize your WordPress site, click the ‘Apply’ button.
Next, click on the ‘Settings’ menu option.
Here you will find more site optimization settings.
You can scroll down on this screen to find the ‘Security’ section.
To improve your security select ‘High’ from the drop-down list.
We hope this article helped you to learn how to set up Cloudflare free CDN in WordPress. You may also want to see our ultimate WordPress security guide and our expert picks of the best virtual business phone number apps.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
I added Cloudflare to my website today. So, I had to remove my hosting’s nameservers & replace them with Cloudflare nameservers from my domain registrar.
This is the question – 1. So, how my hosting account still works? I have removed its nameservers from the domain registrar
When I tried to add the page rules for my wordpress login page, I got message “Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.”
Is anything I did wrong? Or I just need to wait for a little while to try again?
You would want to check with your hosting company for that specific error as that normally means they have a security rule set to prevent certain things on your site.
I s there a way to turn off the second loading screen for security verification purposes and that CAPTCHA page which you have mentioned in the Cons of Cloudflare?
You should be able to change the settings to remove that if you wanted but you would want to check with CloudFlare for the current method.
I’m setting up Cloudflare – thanks to your article! I’ve already got W3 super cache plugin – do I need both? Are they going to confuse each other? Total newb question I know!
They have slightly different functions and there is an integration so the two can work with each other without an issue.
Thank you for this guide. It helped me reduce the time my page loads
Glad our guide was helpful
What if someone mistakenly adds the wrong parameters in page rules and then deployed it. Is there any way back to change page rules after deploying it?
You can change your settings after setting them if you need to.
thanks for sharing this content
You’re welcome
Probably a noob question, but I have a lot of existing video and photo files on my site. Will they all be migrated to Cloudflare’s CDN or do I have to do that manually? I followed the setup steps, but my content still takes forever to load, and when I view its URL, it’s still showing my site’s URL and path.
You shouldn’t need to transfer your content, for the slow loading you may want to reach out to CloudFlare for them to take a look
Thanks so much for this, helps a lot!
Just to be clear, even though I’ve added my site to cloudflare, I still need to get an SSL cert separately? Cloudflare does not supply ssl cert?
Thanks again!
You would want to take a look again under the Configuring Most Important Cloudflare Settings section for CloudFlare’s SSL
Admin, kindly answer these question like
After changing the DNS, who is actually will my hosting provider? The hoster OR cloudflare and all editing can be done by same cpanel?
Your hosting provider would still be your hosting provider.
thank you very much, I was looking for a proper step-by-step Cloudflare set up! and TA DA!! you guys are savior.
It would be great if you publish about the best of cloudflare settings, from the plugin.
Glad you found our article helpful
Thank you for such a great publications, it really help me set up my cloud flare account easily. Keep the good work.
You’re welcome, glad our guide was helpful
Very helpful information and with the pictures for verification i could confirm everything instead of guessing, thankyou very much for compiling this! It is BRILLIANT
You’re welcome, glad our guide could be helpful
superb guide, easy to follow thanks
Glad our guide was helpful
I want to know which is the best CDN ? cloud Flare or max
Hi Randhir,
At WPBeginner, we recommend MaxCDN. However, if you want to use the free CDN, then Cloudflare can be a good solution.
If i will use cloudfare free version and will change the nameserver then it means my website will run on cloudfare server then how i can edit my website? through cloudfare or my present hosting provider? pls tell me detail.
The only reason I use cloudflare because you can hide where you hosting the site.
i am wondering..
for cloudflare, we need to point the DNS to theirs..
so how we gonna use custom email set up using our own domain (which also need to point the DNS to the email provider) ?
as far as i know, we can’t use two DNS .. (actually we can, but it is expensive)
I am using custom email and cloudflare. Cloudflare doesn’t affect my custom email working.
If my domain is from go daddy and hostino is from inmotion hosting and I change my domain name server to my hosting now I want to join cloudfare to it then what can I do?
I try to help answer. from godaddy change nameserver to cloudflare, and from cloudflare, set up your DNS and point to your in motion hosting ip address.
After Setting Our Host DNS To Cloudfare DNS, Which bandwidth and storage will be used from our local hosting plan e.g godaddy, namecheap etc or Cloudfare ?
The reasons why I don’t use cloudflare is because of changing the nameservers and second like in this article : it blocks some of the legitime users and that is what I really hate.
I don’t use third party websites where I don’t have full control of it. I saw a couple of times there are you human google click on pictures and it takes forever.
MaxCDN is the only option because you only have to add a cname .. but still ..
The reasons why I don’t use cloudflare is because of changing the nameservers and second like in this article : it blocks some of the legitime users and that is what I really hate.
I don’t use third party websites where I don’t have full control of it. I saw a couple of times there are you human google click on pictures and it takes forever.
MaxCDN is the onlly option because you only have to add a cname .. but still ..
My site is on wordpress and running on godaddy vps server with ssl certificate but it has lots of page load time, now, should I go for cdn cloud flare free account if yes than what about all static IP given with vps account , they will not useable and is vps based site need cloud flare ?
Page loading time is an important issue to get good user experience. This LoudFlare helps us to increase the page loading. Can you tell me which one is better to improve page speed, plugin or CDN?
HI
Just to let you know
I have had a joomla website working on the Free plan and SSL
Not sure if your previous post is now outdated but it is possible.
Regards
You can use the provided Cloudflare SSL but you are unable to use your own SSL on free account
bro can we use this for blogspot blog ?
of course
why not
This was very helpful. Thanks.
i am actually caught in between-
which provider should i choose for my site,
between cloudfare or maxcdn
We use MaxCDN for our sites.
This is truly awesome tip. Anyways, I have a question. If my website contents and domain name are hosted in different hosting companies. In this case, I need to change Name Servers to CloundFlare for both. Am I correct?
Did you find the solution for this as i have different hosting provider and domain name provider is different .If you know the solution then please let me know
after changing the DNS, who is actually will my hosting provider? The hoster OR cloudflare and all editing can be done by same cpanel?
Really very helpful article i have setup my wordpress site with cloudflare
What minification services do you recommend that work well with Cloudfare? This is for a WordPress site that may have potentially high traffic spikes out of the blue. Thanks
I live at the bottom of Africa (Cape Town) with none of their servers close to me am I correct in thinking that Cloud Flare will slow down my website. Most of my traffic is local. I have the same issues with CDNs none of them are close to my location, Europe is the closest. Is my thinking correct?
CloudFlare would add a little latency because we currently don’t have any data centers in SA just yet (being looked at). Visitors from SA would currently hit a data center in Europe.
On the other hand, if you have visitors from a lot of other locations (EU, America, Asia, etc.), then the site would be faster for them.
was just checking ,looks like they have servers in johannesburg.
I have heard about cloudflare but have not tried to make use of it, bout talking about the fact that my site might be down during the propagation of my name server,how long could this take?
It varies, it can take a few hours to a full day.
You will not experience any downtime while you switch to Cloudflare if you do it correctly.
You should not have any downtime at all switching to CloudFlare’s nameservers.
I am a huge fan of CloudFlare. At my shop, we do a lot of sites for professional photographers. CF does an amazing job at making image heavy pages load in a snap!
One tip, don’t forget about CF’s developer mode when you’re making changes. I’ve bashed my head against the wall for some time when my CSS changes weren’t showing up — CF was serving a cached page!
When my website has ‘heavy load’ CloudFlare will make the users access screenshot of the website.
Cloudflare breaks my site’s design. I have a off-canvas menu and Cloudflare’s rocketloader and minification breaks ,y site’s design. So, I have to stick with basic W3 Total cache. Besides Cloudflare actually speeds up your site.
Those features are actually optional and easy to turn off. If you’re using a minify service already, then you don’t want to turn ours on as well (something eventually will break running two minify options at the same time). Rocket Loader would have the potential to impact JavaScript and jQuery & would generally impact something like widgets.
What WordPress theme were you using? That way we can know to avoid using that theme with Cloudfare.