At WPBarista, we use the free version of Cloudflare in combination with WP Rocket and EWWW.io to boost security and optimize WordPress speed. And yes, Cloudflare Free is perfect for most influencers. It has everything you need to keep your site fast and secure without any extra cost.
In this post, we’ll go through the Cloudflare settings we use and recommend. First – get your site onto Cloudflare. This gets technical but we’re here to help if you get stuck.
Onboarding Your Site to Cloudflare
If you do not have an account, you will be prompted to complete the account sign-up. When that is done, you will be presented with the opportunity to add your first site. Or login and then find ‘Add a domain’ button here:
Add your domain and keep the radio button selected “Quick scan for DNS records”. This will only work if you do not have extra security on your domain. If you do, it is time to call in some help!
Then select the free plan – at the bottom. The box is clickable. Then select “continue”.
Review your DNS records – if you get this wrong your site could go offline – be careful. As explained above, this is the address book that tells the internet where your website is. If this screen “Review your DNS records” has any orange/pink boxes with warnings – it is probably time to get assistance. The one below is throwing an error because it only found 3 records which is unusual.
You must get these records correct to keep your site live. Once you have confirmed they are correct, click the “continue to activation” button.
The orange status at the top will say “Pending Nameserver Update”. And everything will stall until you make the change manually. You MUST change the nameservers at your registrar.
Registrar: the certified company where you purchased your domain name
This page shows the instructions. The only thing you need to know: log into your registrar and update the nameservers to the ones on this screen: they will be <something>.ns.cloudflare.com. Change BOTH nameservers, and delete any others (if you have more than 2, just delete the others).
Once the set up is done – you wait for the email from Cloudflare congratulating you on the onboarding being complete. Then you can proceed to the setup noted below.
DNS Settings
The DNS feature is the primary reason we use Cloudflare Free. Their DNS hosting is fast—one of the best out there. DNS Hosting is usually done by your web host. They ‘point’ your domain name to themselves and then manage the DNS for you. DNS can be a complicated thing.
All you need to know is that your DNS Zone is like an address book for all things <your domain>. For example our dns zone is the address book that tells the internet where cathy@wpbarista is, or test.wpbarista or the website, wpbarista.com. It is very important that the internet can look up your DNS quickly and then move on to actually going there. This is why the DNS Zone speed is so important.
If nothing else, use the Cloudflare free plan for DNS Hosting, at minimum! The only other platform for DNS hosting that comes close is GoDaddy DNS (that is the ONLY thing I would recommend GoDaddy for).
While onboarding, Cloudflare will attempt to fetch all the records automatically. 99.9% of the time it is complete and accurate. When you need to add or edit a DNS record, you will find them in Cloudflare > DNS > records tab.
For email security, use their Email Security Wizard to set up DMARC. Go to DNS > Settings > Email Security, then click the Configure button. Cloudflare will guide you through the steps to ensure your emails are protected against spam and phishing attempts. Use this guide to test SPF, DMARC and DKIM for free.
SSL
The second reason we love Cloudflare Free is its free SSL. Cloudflare automatically renews it, so you won’t have to remember to do so every 6 months. Here’s how to set it up:
- Enable SSL in “Full” mode. If it doesn’t indicate “Full”, click the configure button to change it.
- Turn on Automatic HTTPS Rewrites to make sure all traffic is secure.
Note: HSTS (HTTP Strict Transport Security) is an extra layer of security that you don’t need. It will one day be standard. For brand new blogs, go ahead and enable it. For most blogs, directories, or membership sites, it’s unnecessary. Avoid enabling it without professional help.
Also, go to SSL/TLS settings and set:
- Min TLS: 1.0
- Enable TLS 1.3, Opportunistic Encryption, and Always Use HTTPS.
Security Settings
In the Cloudflare Security > settings tab, we recommend the following settings:
- Security Level: Set to Medium. This provides a balanced level of protection against threats.
- Challenge Passage: 30 minutes, meaning visitors won’t have to solve another security challenge until this time elapses. This only applies to those who are challenged.
- Browser Integrity Check: This checks on your readers browsers.
- Replace Insecure JS Libraries: Replaces insecure code when it can.
We handle Page Shield services as part of our maintenance service, so no need to upgrade to a Pro plan for these features.
There is an area to Block AI Bots – do not use this. We have another post that goes into more detail about AI settings for influencers. During rare emergencies – under bot attacks, we may activate the Bot Fight Mode… do not do this on your own – it will likely break your site.
Speed Settings
Under the Speed tab, click on Enable all available settings to give your site an immediate performance boost. Then, be sure to STOP Speed Brain:
- Go to Content Optimization and turn off Speed Brain. This feature can sometimes interfere with plugin updates, but we’re hopeful Cloudflare will resolve this soon. I’ll update this post when they do.
Caching Configuration
Cloudflare Free’s Caching settings add an extra layer of caching to the one provided by WP Rocket. To start:
- Caching > Configuration tab: the Browser Cache TTL (expiration time) to respect existing headers if you’re using WP-rocket. If not, use 1 day.
- Avoid enabling Always On—it’s not necessary and does conflict with caching plugins.
Lastly, we’re currently testing the Browser Hints Feature. We’ll update this post as we learn more about its impact on performance!
Cloudflare’s free version is perfect for influencers, bloggers, content creators and most small businesses. And when combined with WP Rocket and EWWW.io, it really enhances your site’s performance and security. Following these recommended settings will ensure you’re getting the best from your Cloudflare plan.
Beginner Checklist
If you’re starting out, you’ll love our comprehensive 52 point checklist for your website! Read through once, and then work on items one at a time as it comes up!
Cathy Mitchell
Single Mom, Lifelong Learner, Jesus Follower, Founder and CEO at WPBarista.