Page speed and security should be two issues on the mind of every WordPress site owner.

We wrote a huge post about WordPress and page speed back in 2014. And since then, page speed has only gotten more important. Users want sites to load fast – 30% of people want sites to load in under one second. And if your site doesn’t, they’re probably going to go somewhere else.

WordPress security should always be a concern too. 70% of WordPress installations are vulnerable to hacking, so every bit of security you can add is a huge win.

Want a way to take out two birds with one stone? Install CloudFlare for your WordPress site.

CloudFlare is a CDN that also acts as a proxy between your website and your visitors. This dual action allows CloudFlare to both:

  • Serve up content quickly
  • Filter malicious users before they reach your site

In one package, you get faster page load times and enhanced security. It’s pretty awesome.

In this post, I’ll discuss some pros and cons for CloudFlare and then show you exactly how to set up CloudFlare for WordPress.

Advantages of CloudFlare

On average, CloudFlare sites:

  • Load twice as fast
  • Use 30% less bandwidth
  • Experience 65% fewer requests

CloudFlare has 86 servers scattered around the world, so your content can always load from the place nearest to your visitors.

CloudFlare also amps up your security by:

  • Blocking SQL injection
  • Fighting crawlers and email harvesters
  • Blocking comment spam
  • Ensuring browser integrity

Disadvantages of CloudFlare

The only major negative of CloudFlare is that you no longer control your own nameservers. Now, CloudFlare is a trustworthy company, so I don’t think this is too big of a deal. But, were anyone malicious ever to gain control of CloudFlare, they could technically use this control to inject code into your site.

Additionally, if CloudFlare ever experienced an outage, your site would go down as a result.

Again, I don’t think either of these scenarios are likely. But, losing control of your nameservers is a small detail to keep in the back of your mind.

Setting up CloudFlare on WordPress

Installing CloudFlare for WordPress is incredibly easy. In fact, you can probably complete the whole process in less than 10 minutes. Most of it is done outside your WordPress site, though you will need access to your hosting/domain registrar account to change your DNS details at one point.

Sign up for a CloudFlare account

The first thing you need to do is sign up for an account at CloudFlare. Just head to their site and click the Sign up button:

cloudflare-setup-wordpress-1

Then you’ll need to enter your account details and click Create Account:

cloudflare-setup-wordpress-2

Once you’ve created your account, CloudFlare will take you through a setup wizard to configure everything.

Let’s go through the steps…

Add your website details

This step is pretty dang simple. Just enter the full URL to your website and click Scan DNS Records:

cloudflare-setup-wordpress-3

It might take a minute or so to scan your records – don’t worry. Once CloudFlare is done scanning your records, you’ll need to click Continue to advance.

Verify your DNS records

This might seem a little tricky, but you really only need to look for the orange icon next to your main domain name:

cloudflare-setup-wordpress-4

If you know what you’re doing, you can make some modifications on this page. But again, for most people – just verify that the orange icon is next to your primary domain name.

Once you’ve verified that the orange icon appears, click Continue.

Select your CloudFlare plan

At this step, you need to pick your CloudFlare plan:

cloudflare-setup-wordpress-5

CloudFlare offers both free and paid plans. For the vast majority of users, the free plan is more than good enough. It offers you the standard CloudFlare speed and security improvements for no charge.

If you have some specific needs, you may want to consider one of the paid plans. Paid plans give extra features like firewalls, analytics, mobile optimizations, and more.

Again, if you’re just a regular WordPress user, I don’t think you should feel any urgency to move to a paid plan. If you’re running a business and want total optimization, you may want to consider it.

Once you pick your plan, click Continue.

Change your nameservers

Now’s the first time when you’ll need to step away from the CloudFlare interface. Changing your nameservers, aka your DNS, requires you to go to the domain registrar where you registered your domain name. Here are guides for GoDaddy and Namecheap, but if you’re using a different domain registrar, you’ll need to get specific directions for them.

If you registered your domain through your hosting provider, you’ll need to use your hosting interface to change your nameservers.

Once you find the area to change your nameservers, switch your current nameservers to the new ones CloudFlare gives you:

cloudflare-setup-wordpress-6

That’s it as far as configuring CloudFlare goes. Now, you just need to complete one more step to make CloudFlare play nice with WordPress.

Install the CloudFlare WordPress plugin for accurate comments

You don’t technically have to do this, but without the CloudFlare WordPress plugin, your comments section won’t function 100% properly. That’s why I recommend you still go ahead and install it, especially because it’s easy to configure.

Without the plugin, all comments on your blog will show up as coming from the same IP address. This is a natural side effect of how CloudFlare works. Definitely not ideal…

The CloudFlare plugin fixes that and restores the original IP address of the commenter. Configuring the plugin is easy and should only take a few minutes.

After you install the plugin, you’ll need to input three pieces of information on the plugin settings page:

  • Your domain – enter it as “domain.com”. Don’t include “www” or anything.
  • Your API key – I’ll show you where to find it below.
  • Your API email – this is the same as the email you used to sign up at CloudFlare.

Here’s how to find your CloudFlare API key.

Click the Get this? Link:

cloudflare-setup-wordpress-7

On the linked page, scroll down and click View API Key by the Global API Key option:

cloudflare-setup-wordpress-8

Then copy and paste the API key to your plugin settings page and click Update Options to save the plugin settings:

cloudflare-setup-wordpress-9

You’re all done! CloudFlare is fully configured and ready to work with your WordPress site. Congratulations.

Does CloudFlare Affect SEO?

I know some people are concerned that CloudFlare might have a negative effect on SEO. Don’t worry – CloudFlare worked directly with search engines to ensure that search engines can still properly crawl everything. CloudFlare won’t have any negative effects on your SEO.

Final thoughts

As far as CDNs go, CloudFlare is definitely one of the easiest to set up. The added security and DDoS protection make it even more attractive. There’s definitely a reason over two million sites rely on CloudFlare.


Colin Newcomer is a freelance writer and long-time Internet marketer. He specializes in digital marketing, WordPress and B2B writing. He lives a life of danger, riding a scooter through the chaos of Hanoi. You can also follow his travel blog.

Siteground Hosting
Does WPLift load fast for you? That’s because we use Siteground for hosting, WPLift readers can click here to get up to 60% off hosting for your site.

Disclosure: This page may contain affiliate links for which we will receive compensation if a purchase is made.

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Leave Yours +

6 Comments

  1. Another advantage is that you can easily install free SSL-certificate

  2. Thanks for the instructions have shared this.

    We have set up Cloudflare on a number of sites now and it is very straightforward to do and works very well. Ultimately though this isn’t a fix for slow hosting but it does really help.

  3. A nice tutorial about setting up free Cloudflare.
    Are you going to write some more about the specific settings? Like pagesrules?

  • Comments are Closed

Our Sponsors