CloudFlare 3.0 Official WordPress Plugin
Recently Shadowood Press began using CloudFlare to offload some of the system resource load users might encounter on our site. This has helped drive page load times down, performance up and has given us access to many important features.
What Exactly is CloudFlare
CloudFlare is a free service that accelerates and secures your website by acting as a proxy between your visitors and the server where you host your WordPress sites. With this you can protect your website against malicious visitors, save bandwidth and reduce average page load times.
Once your website is a part of the CloudFlare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: CloudFlare-powered websites see a significant improvement in performance and a decrease in spam and other attacks. – CloudFlare
What Is CloudFlare’s One Click Optimization
All of CloudFlare’s performance and security benefits in a simple one-click install of recommended settings specifically developed for WordPress.
If you’re not already using some form of Content Delivery Network (CDN) to speed up your WordPress load times, then my all means consider setting up this plugin.
As of last week, CloudFlare has released version 3.0. This version includes among other things, One Click Optimization of the settings, including
- Web Application Firewall (WAF) ruleset
- auto minify for JS, CSS, and HTML
- 4-hr cache expiration
- email address obfuscation enabled
- and more.
CloudFlare is looking to keep user sites protected in real time. Taking advantage of the fact that using their service requires users to redirect the DNS nameservers for their sites, CloudFlare can make updates to their internal system and roll it out instantly. Key features this service provides are:
Web Application Firewall (WAF) Rulesets
Available on all of CloudFlare’s paid plans, the WAF has built-in rule-sets, including rules that mitigate WordPress specific threats and vulnerabilities. These security rules are always kept up-to-date, once the WAF is enabled, you can rest easy knowing your site is protected from even the latest threats.
Automatic Cache Purge
Occurs when you change the appearance of your website. This means that you can focus on your website, while we ensure that the latest content is always available to your visitors. (Note: By default, CloudFlare does not cache HTML, and a cache purge is not required on updating HTML content such as publishing a new blog entry).
User Direct Editing
Change CloudFlare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization.
Check out another great post about CloudFlare’s recent updates here: CloudFlare Releases Major 3.0 Update to Official WordPress Plugin
3.0.3 – 2016-09-21
- Fixed an issue where some domains were being incorrectly propagated to the domain selector dropdown
- Fixed an issue where the Web Application Firewall was accidentally triggering RFI Attack Rules
- Fixed an issue where image optimization was not being enabled for Pro and higher CloudFlare plans
3.0.2 – 2016-09-16
- Disabled HTTP/2 Server Push which was leading to 520 and 502 errors for some websites.
3.0.1 – 2016-09-16
- Fixed HTTP/2 Server Push exceeding the header limit which caused 520 errors.
- Fixed warning message in HTTP/2 Server Push.
3.0.0 – 2016-09-15
- Added one-click application oft WordPress specific recommended settings
- Added ability to purge the cache
- Integrated with WordPress cache management to automatically clear the cache on updating site appearance
- Added ability to change settings (Always Online mode, I’m Under Attack, Image Optimization, Security Level, Web Application Firewall)
- Added Analytics showing Cached Requests, bandwidth used, unique visitors, threats blocked
- Added Header rewrite to prevent a redirect loop when Cloudflare’s Universal SSL is enabled
- Added HTTP/2 Server Push support
- Added Support for PHP 5.3+
Will CloudFlare Really Help My Site?
Since joining the CloudFlare community Shadowood Press has had a noticeable impact. The site does run smoother, we have had less intrusion issues, and content is delivering much faster. Please however take this also with a grain of salt. as I have not done any official test indexes to compare with or without this service. I also do quite a lot of my own tweaking of both security rules and caching of the site on my localized server.
While I do suggest everyone use some form of CDN in order to make their sites load faster, which one you use will depend on your needs. CloudFlare does take away some of the localized control you might expect as you do alter your domains DNS settings. This will increase the potential hops from an end-users location to your own server, a potential issue if a mid-point system fails, but under most usage you will most likely never notice. Some functions might not be as tightly controlled as you might like, such as server level Htaccess edits to block stuff you specifically choose. But in the long run you will have to decide if CloudFlare is a good fit, both for your website load times and your chosen security concerns.