CloudFlare – Boost your WordPress site security and performance in 10 minutes

By 1st August 2012 April 22nd, 2020 Shield Security

CloudFlare is an easy-to-use service that immediately adds a boost to your WordPress site’s security and performance.

And it’s free.

What’s the big deal about CloudFlare and can anybody without technical skills use it?

More importantly, will CloudFlare benefit you, and is it worth the effort?

First up… an example of some nice CloudFlare stats

The image below shows an example of some CloudFlare statistics. You can see in 30 days the numbers of visitors and the number of detected threats!

It’s very satisfying…

CloudFlare Statistics Example

An example of some of our CloudFlare statisitcs

What is CloudFlare for, and what does it do?

CloudFlare is a free (and premium) service that sits between your website and your visitors.

It serves 2 main roles:

  1. Performance optimization
  2. Security and protection

CloudFlare is a free caching / CDN

You’ll probably have heard of CDNs by now. If you’re unsure, a quick Google search will reveal its meaning in abundance.

It stands for “Content Delivery Network” – a CDN will serve content on your website from servers distributed around the globe.

CloudFlare will cache your website’s content, such as images, scripts, web pages etc., in its datacentres and when a visitor requests something from your site, instead of getting it from your server (wherever that may be), it will serve it from a datacentre that is physically closer to the visitor.

This makes browsing faster for your visitors, while also relieving your web server of some of the load.

That’s a pretty sweet deal.

Why is this so good for your WordPress website?

  • CloudFlare reduces bandwidth used by your server to deliver content to your visitors
  • CloudFlare reduces load on your server through caching (both server queries and content)
  • “always up” – if your web server is down for whatever reason, CloudFlare will serve cached pages where possible to visitors. Nice! Or it will present a page explaining to the user that the server is down. Much better than a page that never loads.

CloudFlare examines the behaviour of your visitors to prevent spammers/hackers

For iControlWP, CloudFlare security is more important than the caching.

We would rather have a secure site, than not. CloudFlare offers a great security layer.

Based on its own algorithms, it will determine whether a visitor to your site is legitimate. As the CloudFlare network grows, it can make more intelligent decisions about site visitors.

If a user on its network is suspect, and depending on how you have configured your security settings, they will be prompted with a security challenge.

If it’s a bot or a spammer, it’ll fail at the first hurdle.

Nice.

CloudFlare for spambot protection is excellent.

The same goes for hackers that scan for vulnerabilities. CloudFlare is adaptive and will pick up on these patterns, protecting your site from vulnerability scans and hackers.

How easy is CloudFlare to setup and use?

CloudFlare is extremely easy – check out the video on their site to see.

The basic steps you need to get started are:

  1. Create your CloudFlare account
  2. Enter your website’s URL – CloudFlare will do a scan of your DNS records and present you with everything it thinks there is.
  3. You need to compare your current list of DNS entries with what CloudFlare thinks you have and adjust/add/remove any entries as you see necessary.
  4. CloudFlare will give you 2 new name servers to use – go to your domain registrar and change your current name servers to these.
  5. This whole process should take 5~10 minutes.

Then you just need to wait for your name servers to update globally and you’re sorted.

Part 3 above is perhaps the most critical. Take good care to ensure CloudFlare has everything in its DNS that you need.

Downsides to CloudFlare

We’ve experienced a couple of problems with CloudFlare and have had an issue or two with the iControlWP application itself.

We managed to code around the problem, but it pointed to some bugs with the CloudFlare network which were difficult to get resolved.

Then there is SSL. You cannot use SSL on your main website unless you have the premium version of CloudFlare which will set you back $20/month.

I’d personally prefer to see functionality restriction on CloudFlare based on traffic numbers/throughput – this would make it easier for fledgling start-ups like iControlWP to take advantage of the functionality sooner.

But as you can see, there’s not a lot of downside to CloudFlare.

And, if all you have just now is a WordPress site/blog, you can’t lose.

Get CloudFlare on your website today!

You can go to www.CloudFlare.com and get signed-up.

Their setup process is straight forward and they walk you through it all painlessly.

If you have any questions or feedback, please comment below – we’d love to hear what you think.

Leave a Reply