How to Install Cloudflare on Your WordPress Site

Cloudflare is a service that protects websites from DDoS attacks, fake traffic, and other security threats. It works as a security and performance layer between your site and visitors. When a user attempts to access your site, the request first passes through Cloudflare, if the traffic is legal (i.e. real users or trusted bots like Googlebot), Cloudflare allows it. However, suspicious traffic is blocked before it reaches your server. 

In this write-up, we will demonstrate how you can use Cloudflare to secure your WordPress website.

Why You Should Install Cloudflare

Cloudflare makes websites safe, fast, and easy to use. It offers benefits like a global CDN that improves loading speed, strong protection against DDoS attacks, free SSL certificates, and a user-friendly dashboard. Moreover, It is easy to set up and manage, even for large and complex systems. It reduces IT workload and gives businesses more control. It provides handy tools for companies and individuals to enhance security and performance.

Installing Cloudflare on a WordPress Site

Cloudflare improves website security and speed through its global Content Delivery Network (CDN). It stores copies of your website content on servers around the world. When a visitor accesses your site, Cloudflare delivers the content from the nearest server, reducing load time. In short, Cloudflare filters harmful traffic and accelerates your website by caching its content closer to your visitors.

Now let’s go through the following steps to understand how to install and activate Cloudflare on your website.

First, go to the official Cloudflare site, and click on the Start for Free button on the homepage:

Get started with Cloudflare either by specifying your email and password or continuing with your Google account:

On successful login, you will be navigated to the Cloudflare dashboard. Now specify your domain name and click on the Continue button to add your site to Cloudflare:

Scroll down and select the Free plan, then click Continue:

Now, you’ll need to update your DNS records. New DNS records will appear; click on Continue to Activation:

Here, copy the nameservers provided by Cloudflare and update them in your domain’s DNS settings:

Go back to your domain registrar (e.g., ultahost), go to the Domains section, select your domain (the one you connected with Cloudflare, like ultahost.com), and choose Manage:

Under DNS > Name Servers, replace the existing nameservers with the ones copied from Cloudflare:

From:
ns1.yourhost.com
ns2.yourhost.com

To:
abc.ns.cloudflare.com
xyz.ns.cloudflare.com

Click Change Nameservers, paste the new ones, and save:

The change may take some time to propagate:

After that, go back to Cloudflare and click on Continue:

It may still show the nameserver update as pending, and you’ll see a message like “Cloudflare is now checking the nameservers…”. Just wait a few hours, or if available, click on Check Nameservers Now to manually trigger the verification:

Once the nameservers are updated, finally, the status will change, and you’ll be able to see analytics for your site, like traffic, bandwidth usage, and attack attempts:

You can also monitor security and performance metrics from the Cloudflare dashboard.

Installing the Cloudflare WordPress Plugin (Optional)

You can install and activate the Cloudflare Plugin to manage settings, optimize performance, and clear cache from your WordPress dashboard. However, you must check the compatibility of the plugin with other tools to avoid unexpected problems.

When you are setting up Automatic Platform Optimization (APO) for the first time, Cloudflare suggests that you disable WordPress performance (caching) plugins like WP Rocket, W3 Total Cache, or any similar ones. It ensures that APO operates smoothly without running into any conflicts. After you have enabled APO, don’t forget to clear the cache from any plugins you were using to prevent any issues and to make sure your site loads correctly. After confirming that APO is functioning as it should, you can reactivate those plugins to see if they enhance your site’s performance or create any problems.

Installing the Cloudflare Plugin

First, proceed to your WordPress dashboard. Then, go to Plugins, click on Add New, and look up Cloudflare. Once found, install and activate the official Cloudflare plugin:

Later, navigate to the plugin settings and enter the Cloudflare email and API key. By logging into your Cloudflare account, you can easily find the API key under “Global API Key.” Also, remember to click “Save API Credentials” so that you keep everything safe:

You’re now ready to control your Cloudflare configurations from various tabs. For example, the Home tab enables you to view or adjust basic configurations. In the Settings tab, you can modify the performance as well as security options to fit your requirements. The Analytics tab shows you some of the traffic as well as security activity on your site:

It is how you can link your WordPress site to Cloudflare and enhance its security.

Common Issues with Cloudflare on WordPress

One of the common issues for WordPress users when integrating with Cloudflare is running into errors like “ERR_TOO_MANY_REDIRECTS” in Google Chrome or “The page isn’t redirecting properly” on Firefox. These issues may arise for a number of reasons, as outlined here:

Cause 1: Flexible SSL Conflict

If your website hosting service, such as Ultahost, has an SSL certificate installed and you turn on Flexible SSL in Cloudflare, you might run into a problem with conflict with Flexible SSL. You may experience a redirect loop since both Cloudflare and your hosting service are attempting to control encryption simultaneously.

Fix 1: Change SSL Settings

You can easily modify the SSL setting in your Cloudflare dashboard from Flexible to Full to prevent any SSL conflicts. This change tells Cloudflare to honor the SSL certificate that’s already set up on your server. If switching the SSL mode doesn’t do the trick, you might want to think about setting up a page rule in Cloudflare to fix the redirect issue.

Cause 2: Cache Issues

Sometimes, caching issues can prevent your updates or changes from showing up on your site. Clearing (or purging) the cache can help fix this. Here are two simple methods to do it:

Fix 1: Clear Cache Using the WordPress Plugin

If you’ve installed the official Cloudflare plugin on your WordPress site, go to Settings > Cloudflare, and you’ll find an option to purge the cache directly from there:

Fix 2: Clear Cache Through Cloudflare Dashboard

You can also log into your Cloudflare account and select the domain name for which you want to clear the cache:

Now, click on the Purge Cache option from the Quick actions:

After this, click on Purge Everything to purge the cache of all of your website files:

Now, click on the “Purge Everything” button to purge all cached files:

Alternatively, you can click on the Custom Purge button to clear the cache of specific URLs and directories. Once your site is working properly, it’s best to only clear specific files rather than purging everything. Cloudflare lets you select individual files to refresh. Keep in mind that purging everything may slow down your site temporarily, as it needs to rebuild the cache.

Final Thoughts

Cloudflare works as a protective layer for your website. You can link your WordPress site to Cloudflare to enhance security and performance. It filters malicious traffic, protects you from DDoS attacks, and speeds up content delivery using its global CDN. Moreover, you can manage your website traffic, security settings, and performance insights using the Cloudflare dashboard or the corresponding WordPress plugin. In this article, we explained how to set up Cloudflare on your WordPress site.

FAQ