Setting up Cloudflare with Swift

You are here:
Estimated reading time: 4 min

Cloudflare essentially works as a reverse proxy, meaning once you create your account with Cloudflare, your website becomes part of their network and can begin taking advantage of their use of data centers all over the world that directs site traffic.

Cloudflare optimize web content delivery by storing content—such as CSS, JavaScript, and image files—on their servers. Once you’re part of their network, your website’s content and data will be served from the server residing closest to your site’s visitors. This works to decrease page load times. Bonus: with Cloudflare your site is being protected by CloudFlare DDoS protection service.

Swift Performance is fully compatible and complementary with Cloudflare. The first step to use them together, is adding your site to your Cloudflare account.

Step 1: Create Your Cloudflare Account

To get started, head on over to Cloudflare and create a new account:

Step 2: Add Your Website To Cloudflare

Once you’ve created an account, Cloudflare will prompt you to Add a website right away. To do that, just paste your domain name into the box and click Scan DNS Records:

Now, you get to watch a short explainer video while Cloudflare scans your site’s DNS records. Once the process finishes, click Continue.

Step 3: Confirm DNS Records And Modify If Needed

On the next page, you can choose which DNS records will be routed through Cloudflare and which will bypass Cloudflare’s network.

You don’t necessarily need to do anything in this interface.

In fact, the only thing that you absolutely need to verify is that you see the orange icon next to the record for your actual domain name:

If you’re a beginner, you can usually stop right now. But depending on your website’s setup, you might also want to verify that:

  • You see the MX records for your email (if applicable). Cloudflare does not route MX records through its network.
  • Any subdomains that you use are either included or excluded from Cloudflare (according to your desired configuration).

Once you’ve configured everything, click the Continue button.

Step 4: Choose Your Plan

On the next page, Cloudflare will try to upsell you to its paid plans. For now, you can just go ahead and choose the Free Website option:

Step 5: Change Nameservers to Cloudflare

At this point, you’re ready to switch your nameservers over to Cloudflare. Head to wherever you registered your domain name and update the nameservers to the two values provided by Cloudflare:

If you’re not sure how to do this – We recommend that you consult your domain name registrar’s support documentation, as the process is different for each registrar.

Once you make the changes at your registrar, head back to Cloudflare and click the Continue button to finish the process.

You may need to wait several hours while your new nameservers propagate:

But once your nameservers have propagated, you should see the full Cloudflare dashboard:

More Advanced Cloudflare Configuration Options You Should Set Up

While the basic Cloudflare setup process is fairly simple, if you want to optimize your site, you’ll need to configure some additional settings in your Cloudflare dashboard, especially if you’re using WordPress.

Step 1: Configure Cloudflare SSL Settings

Cloudflare gives you multiple options for how you configure your SSL connection:

  • Off – no SSL active. This isn’t recommended
  • Flexible – traffic is secure between your visitor and Cloudflare, but not between Cloudflare and your origin server.
  • Full – secure connection between both your visitor and Cloudflare and Cloudflare and your origin server
  • Full (strict) – the same as Full but with the benefit of authentication

Here’s which option to use:

  • If you’re able to install an SSL/TLS certificate at your host, use one of the Full options (depending on the type of certificate you have).
  • If you’re unable to install an SSL/TLS certificate at your host, use the Flexible option. It still adds some security and gets you the coveted “green padlock”.

To configure your SSL settings, go to the Crypto tab in your Cloudflare dashboard and use the drop-down:

Step 2: Set Up HTTPS And WordPress-Specific Page Rules

Page rules are a helpful feature that let you:

  • Exclude specific URLs from Cloudflare
  • Force HTTPS on all your pages/content

By default, Cloudflare gives you 3 free page rules, though you can add additional page rules starting at $5 per month for 5 rules.

For most WordPress sites, though, 3 page rules are enough to get started. Here’s what you’ll want to use them for:

  • Force HTTPS
  • Exclude wp-admin from Cloudflare and secure
  • Secure wp-login.php

The latter two rules are important to secure sensitive areas of your site and ensure that you don’t experience any issues with the WordPress dashboard.

To set up your page rules, go to the Page Rules tab in your Cloudflare dashboard. Then, click Create Page Rule:

Page Rule #1: Force HTTPS

To force site-wide HTTPS use, create a page rule for http://*domain.com/* like follows:

Page Rule #2: Secure wp-admin And Exclude From Cache

Next, create a rule for domain.com/wp-admin* like follows:

Page Rule #3: Secure wp-login.php

Finally, create a third page rule for domain.com/wp-login.php* like follows:

Here’s a quick recap:

Rule #1:

http://*domain.com/*

Always use HTTPS

Rule #2:

domain.com/wp-login.php*

Security Level: High

Rule #3:

domain.com/wp-admin*

Security Level: High, Cache Level: Bypass, Disable Apps, Disable Performance

Other Important Cloudflare Settings

Make sure you have DISABLED in Speed Tab

  • Auto Minify, Javascript, CSS, HTML
  • Rocket Loader

 

Now you have set Cloudflare and just need to enable autopurge cache in Swift Performance plugin.

First, grab your Cloudflare Global API Key (found in your Cloudflare profile)

A window will popup which will open your CloudFlare account where you will be able to find your API Key under API KEY section. Once you have obtained your API Key, enter your email address and API Key inside your WordPress website and click on SAVE API Credentials button.

Now visit Swift’s Cloudflare tab to Enable Auto Purge which purges Cloudflare’s cache automatically when Swift’s cache is cleared.

Enable Auto Purge -If you enable this option the plugin will purge the cache on Cloudflare as well when it clears plugin cache. It is recommended to enable this option if you are using Cloudflare with caching.

Cloudflare Account E-mail – Your e-mail address which is related to the Cloudflare account that you are using for the site.

Cloudflare API Key – The generated API key for your Cloudflare account. Global API key

Cloudflare Host – Cloudflare host should be your site hostname. E.g. if you have a site: something.yourdomain.com by default it will be the host for Cloudflare (to get the zone ids), but if it is a subdomain you should use only yourdomain.com here. If using top level domain (without www) you don’t need to touch it.

 

Was this article helpful?
Dislike 0 2 of 2 found this article helpful.
Malcare WordPress Security