outsourceeasilycom Blog

How do you configure Cloudflare's settings for WordPress

Apr 27, 2022
Cloudflare settings for WordPress.

How?

If properly configured, all request that is made to your website will go through a Cloudflare server. The server will be able to decide if the request has to be routed to the server that was the source of it, or served via the cache or block or processed using customized rules.

DNS vs Cloudflare DNS

For performance as well as performance and uptime, Cloudflare DNS and DNS perform very similar both in terms of performance as well as uptime and both offer excellent services. One of the main differences between these two solutions is Cloudflare's extra security options and its performance. DNS is solely an DNS solution. But, Cloudflare provides DNS and an alternative proxy layer, that acts as a firewall CDN, and more.

How to configure Cloudflare's Settings for WordPress

Cloudflare provides a broad range of security and performance advantages. It's however not all completely adaptable to WordPress. Let's look in depth into the options of Cloudflare to discover the most effective options you could use for your WordPress website.

SSL

Cloudflare provides four modes for SSL/TLS encryption: Off Flexible, Full and Full (Strict).

  • Off - No encryption.
  • Flexible only encrypts the communication between your web browser and Cloudflare.
  • Complete End-to-end encryption that allows you to use a self-signed certificate for the server of origin.
  • Ful (Strict) - End-to-end encryption that requires an free origin certificate by Cloudflare or a valid certificate issued by a reliable CA (certificate authority). We recommend that you use SSL with full (Strict) SSL mode to guarantee maximum security.

Alternatively, you can also create an Cloudflare origin certificate and install it on your origin server. If your hosting provider doesn't have free SSL certificates, and you wish to set up a Cloudflare origin certificate, the server will permit you to utilize full (Strict) SSL mode.

This feature allows you to use Cloudflare's Flexible SSL while ensuring Cloudflare Full (Strict) SSL on subdomains hosted by the .

Always ensure that you use HTTPS.

The HSTS

Minimum TLS Version

Automatic Rewrites of HTTPS

Speed

A majority of Cloudflare options that are geared towards efficiency, including the optimization of images and asset minimization is available in"Speed" "Speed" area.

Image Resize (Business Only)

The Cloudflare feature for images resizing works by adding an end point on your images. Check out the following example to see how it operates.

 Original Image URL

https://yourdomain.com/wp-content/uploads/2020/01/picture.jpg

 Dimensioned Image URL

https://yourdomain.com/cdn-cgi/image/fit=contain,format=auto,metadata=none,onerror=redirect,quality=70,width=720/https://yourdomain.com/wp-content/uploads/2020/01/picture.jpg

The "width" parameter is able to be changed to create different thumbnail sizes in real-time without the need for additional resources on your server that is the source. If you're looking for an alternative service that is comparable to Cloudflare's resizing of images feature, Imgix and Cloudinary are excellent options.

Polish (Pro Only)

Auto Minify

Brotli

Improved Prioritization of HTTP/2 (Pro Only)

Mirage (Pro Only)

Mirage can also make multiple image requests a single request, which can reduce the amount of roundtrips required for the site to load fully. If your site uses a number of images that are geared towards a large mobile audience, Cloudflare Mirage can have beneficial effects on efficiency.

Rocket Loader

Caching

Caching Level

It is recommended to keep the caching level at "Standard", which permits the latest versions of the assets to be accessible via a certain query string.

Expiration of Browser Cache

Firewall

Do you want to know what we did to increase the amount of traffic we receive by 1000 percent?

Join the 20,000+ who receive our newsletter every week. It is packed with tips and insider WordPress advice!

For the majority of WordPress web pages, and the level of security offered by Cloudflare's free program will meet the needs of. If you're operating the site of a business that needs additional security, Cloudflare's Pro-level WAF and controlled rulesets will help protect your website further.

Network

Secure HTTP/3 connections are benefited by an enhanced handshake routine and result in less connections and shorter times. When HTTP/3 is enabled in the dashboard of your Cloudflare dashboard, users that are supported can use HTTP/3 to connect to Cloudflare servers.

Lastly, Cloudflare's 0-RTT Connection Resumption feature increases loading times for visitors who have previously been connected to your site.

Page Rules

Cloudflare forwarding URL page rule.
Cloudflare forwarding URL page rule.

This rule matches URLs beginning by www.brianonwp.com. Note the addition of the asterisk symbol that allows you to create matches using wildcards. Think of the asterisk as "anything there". Under the URL pattern, you can see this page rule is configured to 301 redirect all matching requests to https://brianonwp.com/$1, where "$1" refers to the "first wildcard" in the matching pattern.

With a page rule like this one, requests to www.brianli.com/specific-page/ will be redirected to brianli.com/specific-page/.

With Cloudflare rule-based page, you are able to set specific parameters to any URL with a match. Check out the options that you can apply for page rules. Some settings are even able be combined into one page rule!

  • Always Online - toggle Cloudflare's "Always Online" feature which provides static HTML pages when the server that is used to create them is found to be offline.
  • Always make use of HTTPS to make HTTPS mandatory on compatible URLs.
  • Auto Minify Auto Minimize HTML0 - activate or disable CSS, HTML and JS minification.
  • Automated HTTPS Rewrites enable the rewriting of HTTP URLs to HTTPS versions.
  • The Browser Cache TTL determine the TTL of the browser cache of URLs which match. In other words, you could configure different TTLs of the browser cache for different types of documents.
  • browser Integrity Check Browser Integrity Testing switch off or turn on Cloudflare's "Browser Integrity Check" feature that examines HTTP headers in order to find spammers or other harmful traffic.
  • Cache Deception Armor - enable or disable Cloudflare's "Cache Deception Armor" feature which guards against cyber-attacks on web caches by making sure that an asset's file extension matches the "Content-Type".
  • Cache Level - Configure the cache level in order to allow the use of URLs that match.
  • Disable Apps - disable Cloudflare application integrations to match URLs.
  • Disable Performance: disable performance-related functions when URLs have the same format.
  • Disable Railgun - disable Railgun for matching URLs.
  • Enable Security to disable security settings for websites that support HTML0.
  • Edge Cache TTL - define the edge cache TTL (the duration for which the asset will be stored in Cloudflare's edge network).
  • Email Obfuscation activate or deactivate Cloudflare's script for email obfuscation that reduces successful bot scraping through the jumble of emails.
  • Forwarding URL create a redirect 301 or a 302 redirect in order to redirect an alternative URL.
  • Header IP Geolocation Header - toggle on or off Cloudflare's IP geolocation HTTP header.
  • Opportunistic Encryption lets clients access HTTP URLs via a secured TLS channel.
  • Origin Cache Control Cache Control for HTML0 - specify how you want Cloudflare to handle the servers "Cache-Control" instruction.
  • Rocket Loader The user can switch off or disable Rocket Loader when URLs are in a similar order.
  • Security Level - indicate the level of security that is compatible with URLs.
  • Server Side Excludes toggle on or off Cloudflare's "Server Side Excludes" feature, which allows you to block private data from harmful web traffic by embedding HTML into

Article was posted on here