Your Cloudflare account is activated. Now, you’re curious about how you can make the best of Cloudflare to optimize and secure your website. In this brief guide, we are going to discuss a few of the tweaks that you can make to increase your website's security and to maximize its performance.
Make the Most of Development Mode
Cloudflare’s primary purpose is to allow you to cache your static website content, distributing it to strategic locations around the world. This makes it possible for users to load your site from a location that’s nearest to them.
When you make changes to the static content of your site, these changes are not automatically renewed in the cached versions of your files available on Cloudflare. The development mode makes it possible to disable the internal Cloudflare CDN service so that your static content will be loaded from the hosting server where your website is hosted at. To do this you will need to log into Cloudflare and visit the Client Area. There you will see all of your configure domains.
- Select the one that you want and enable Development Mode.
- You will be given a slider option that allows you to enable Development Mode
- Once changes have been done to the site, you can disable Development Mode by turning off the slider.
Cloudflare offers a number of security systems for you to configure. Whether you are looking for a fully integrated Web Application Firewall or protection from DDoS, Cloudflare can help.
You can access many of the security options by clicking on the Firewall icon on the top of your Cloudflare Client Area. The primary option you are presented with is Security Level. This option allows you to decide how Cloudflare will respond when it detects a potentially dangerous presence on your site. There are five levels of protection that include:
- Essentially off
- I’m under Attack
The High setting means that every user who has been perceived as a security threat over the past 14 days will be challenged. Essentially off, on the other hand, will only challenge users that have been deemed abusive.
It is recommended that you set the security level setting to Medium. This will protect your site without causing legitimate visitors undo inconvenience.
If you select I Am under Attack, which would be the correct option to select if you are facing a DDoS attack, Cloudflare will display a temporary placeholder page for all the users on your website. This will give Cloudflare the opportunity to determine if the perceived threat is real or if it is an actual user.
Cloudflare has a page that is dedicated to improving the speed of your site. You can access this page by selecting the Speed icon. This icon is located on the top of your Client Area.
The first setting you will see is called Auto Minify. This allows for the minification of the static content. During this process, white spaces are removed from your CSS, HTML, and JS files wherever this is possible without negatively impacting the functionality of the code. The code is not readable by humans, but it is readable by your computer and is now in complex code blocks. In this setting, you can select the type of content this feature should be used on.
There are a number of other features Cloudflare offers for increasing the speed of your site. The majority of these are only available for paid accounts.
In a test by Aussie Hosting, sites Cloudflare enabled sites performed up to 20% better than their regular shared hosting counterparts. This is especially important we’re considering image-heavy websites.
Recommended Cloudflare Settings in CPanel
These are a few recommended settings for the Home Tab.
Always Online – Turn this feature on. If your server goes down, Cloudflare will be able to serve your website using static pages from its cache.
Caching Level – This feature allows you to determine how much of your static content you want to be cached on Cloudflare. Increased caching may speed up page load time. We recommend selecting Standard.
Railgun – This feature accelerates how fast dynamic content is delivered. This feature should be turned on.
Here's a recommendation for settings under the Crypto Tab:
Always use HTTPS – This feature will redirect all HTTP requests to HTTPS. This feature should be on.
These are just a few of the many performance tweaks you can make to Cloudflare. If you have questions about Cloudflare settings, we would love to answer them for you. Please leave your questions in the comments section below.