How to Setup Cloudflare CDN for WordPress

Automatic HTTPS Rewritescloudflare plans
Security Level
search for cloudflare plugin
A handy option for those who have signed up to Cloudflare to take advantage of its free SSL certificates. This function changes “http” to “https” for all links and resources on your site.

Option A: Install Cloudflare through your hosting dashboard
cloudflare scanning dns

  1. Go to and enter your email and preferred password in the sign up box or click the sign up button on the top right:

The free version of Cloudflare is not compatible with SSL certificates provided by your web host so if you use SSL on your site you’ll need to opt for one of the paid Cloudflare plans. The free Cloudflare plan also provides a SSL option for those who don’t need the full security of paid SSL certificates.

  1. Enter your details on the registration page if they’re not already pre-filled:

The free version of Cloudflare is not compatible with SSL certificates provided by your web host so if you use SSL on your site you’ll need to opt for one of the paid Cloudflare plans. The free Cloudflare plan also provides a SSL option for those who don’t need the full security of paid SSL certificates.

  1. You’ll be taken to a registration page:

The Cloudflare CDN is easy to set up and just as easy to turn off again if you change your mind. If you try out Cloudflare and find it doesn’t really work for you, there are other options for speeding up your WordPress site and improving security.

  1. After filling out your details and clicking the “create account” button, you’ll be walked through the process for getting started with Cloudflare.
  2. Start by entering your domain and clicking the button to “scan DNS records”

This reduces bandwidth usage by serving up cached HTML content for unregistered users but displays real-time custom content for registered users based on cookie.
cloudflare at bluehost
cloudflare link in cpanel

  1. Once the scanning is finished, press the “continue” button. You’ll be presented with a screen showing auto-detected DNS settings for you to verify. In most cases you won’t need to change anything here. Make sure that Cloudflare is enabled for both your naked domain and www (orange cloud) and that it’s disabled for mail services and ftp (grey cloud). If everything looks ok just scroll down and click the “continue” button.

If you want to make the switch from HTTP to HTTPS for SEO purposes (Google now gives more power to sites with SSL certificates), using Cloudflare is an easy and free way to do so.

  1. You then need to choose a plan. Select the “free website” option.

cloudflare plugin

  1. The final step will provide you with the Cloudflare nameservers that you’ll need to change in your registrar settings (this is where your domain name is registered, which may or may not be the same place as your hosting). It can take up to 24 hours for the new nameservers to be recognized, but should not cause any downtime.

It’s also very easy to start using Cloudflare with your WordPress site and in this guide we’ll talk you through the steps so you can give it a go and see if it makes a difference to your site.
Cloudflare is one of the most popular CDN services around at the moment, mainly because they offer a free plan that is ideal for personal websites and blogs, or anyone who wants to try out a CDN before committing to a paid plan.
With this option cached images are optimized to reduce file size and delivers images faster for users on mobile devices with slow connections.

  1. Once you’ve changed your nameservers at your registrar, go back to Cloudflare and click the “Recheck nameservers” button. This will add your domain to the checking queue and you can return in a few hours to check that everything has been switched over correctly.

Development Mode

Setting up the Cloudflare WordPress Plugin

Advance DDoS (Business plan only)
cloudflare security

  • One-click settings optimized for WordPress
  • Automatic cache purge when you update your site
  • Direct access to settings and analytics from the WordPress dashboard
  • WordPress-specific firewall rulesets for paid accounts
  • Support for HTTP2/Server Push to deliver push notifications to the user’s browser.
  1. In your WordPress dashboard go to Plugins > Add New and search for “cloudflare”.

cloudflare plugin analytics

  1. Click the “Install Now” button for the official plugin.
  2. When the button changes to a blue “activate” button, click it again.
  3. This should take you to the plugins page. Click “Settings” under Cloudflare (you can also access the settings page from Settings > Cloudflare in the main WordPress menu

cloudflare settings home

  1. Click the link on the settings page to sign into your Cloudflare account

cloudflare signup

  1. Enter your email and API Key (you can find this under “Global API” at

Image Optimization (Pro plan only)

  1. You’ll then be taken to the Cloudflare settings homepage

You’ll find the option to turn on development mode under settings. If you activate this, you’ll be able to bypass the Cloudflare cache and see changes you make to the site in real-time. You should activate this mode if you are doing any design tweaks or other development work on your site.

  1. Use the one-click settings to optimize for WordPress – click the “Apply” button.
  2. Enable “Automatic Cache Management” so that the Cloudflare cache will be flushed automatically when you update your site (this stops Cloudflare from serving up out of date versions of your site)
  3. Click on the “settings” link to review your settings and change anything if required.

You can enable this mode using the button on the top right corner of the settings home page. You can use this feature when your website is under a DDoS attack to make every visitor view an interstitial page while their traffic and behavior is analyzed for level of threat.

  1. Click the “Analytics” link to see the requests to your site, bandwidth used, and threat by country.

Cache HTML at CDN (Business plan only)

Advanced Cloudflare WordPress Plugin Settings

Cloudflare can be a bit excessive with what it considers a threat so if you’re getting complaints from people that they are challenged when accessing your site for a legitimate reason, you might want to drop the security level down to Low.
Features include:
You can choose the security level of Cloudflare from “Essentially Off” to “Under Attack”. As a default this is set to medium, which will display a captcha to both the most threatening visitors and “moderate threat” visitors.
get started with cloudflare
There are some other settings available in the Cloudflare plugin that you might want to take a look at:
cloudflare dns settings
Detects and blocks specific WordPress threats and attacks.
There are also many more advanced settings to access on the Cloudflare website. You can read their official guidelines on settings to harden WordPress security, and speeding up WordPress.
Some webhosts, like Bluehost, provide an easy installation of Cloudflare directly from cPanel:
Cloudflare is a very well known service and is used by some big names such as Zendesk and Cisco. It’s worth giving Cloudflare’s free plan a go, especially if you frequently find your site under attack or you want to conserve bandwidth (you can see how much bandwidth you’re saving under the analytics tab in the Cloudflare plugin).
cloudflare activated on bluehost
Cloudflare has developed an official Cloudflare CDN plugin to provide additional functionality and easy access to settings for WordPress users directly from the dashboard without needing to go to the Cloudflare website.
Once you’ve enabled Cloudflare for your domain, your webhost will take care of the rest and you’ll have access to Cloudflare statistics and settings directly from your cPanel dashboard.
This will take a couple of minutes:
cloudflare activated
Those with bigger sites with a lot of traffic should seriously consider opting for one of the paid Cloudflare plans for enhanced security and performance.
If your webhost doesn’t give you the option to activate Cloudflare through your control panel, it’s easy enough to do yourself.
A content delivery network, or CDN, is a network of worldwide servers that delivers cached web content to users based on their location. Because it takes less time to send data over a shorter geographical distance, using a CDN to host your website instead of a single server can speed up loading times for your website.
The first step is to sign up for a free Cloudflare account.
Web Application Firewall (Pro Plan only)
Here’s what the settings look like in Namecheap:


cloudflare plugin sign in
Under Attack Mode
cloudflare setup complete
You need to register for Cloudflare at first.

Posted by WordPress Guru