In this tutorial you will learn how to setup Cloudflare CDN for your WordPress website on Google Cloud. When configured correctly, Cloudflare CDN can provide huge performance and security benefits for your website.
Serving your website’s content from CloudFlare’s CDN will lead to huge performance benefits, including shorter load times and protection from DDOS attacks.
Benefits of using a CDN
A CDN is a network of globally distributed servers that store and distribute your website’s content.
With a CDN configured, your website’s content will load quickly for all users, regardless of their geographic location.
Before getting started with this tutorial, you should have already:
- Installed WordPress on Google Cloud
- Setup a Domain Name for your website
- Reserved a Static IP Address for your website.
- Configured SSL for your website (optional).
Combine Cloudflare CDN + SSL (optional)
If you don’t want to install your own SSL certificate, it is possible to use Cloudflare’s SSL service with your CDN. You will have the option to apply this setting in step 3 of this tutorial.
Learn more about the advantages and disadvantages of using Cloudflare’s SSL service with your CDN by clicking here.
There are 6 steps in this tutorial:
1. Create a Cloudflare account
2. Change domain nameservers
3. Configure Cloudflare SSL settings
4. Configure Cloudflare caching settings
5. Test website performance
6. Additional considerations
Combining Cloudflare CDN and SSL
Cloudflare offers three separate settings for handling your website’s encryption with SSL. The three settings are Flexible SSL, Full SSL, and Full SSL (Strict).
Full SSL (Strict) provides the highest level of SSL security, however, it requires that you setup SSL on your origin server beforehand.
1. Flexible SSL
3. Full SSL (Strict)
Flexible SSL is the easiest setting for configuring Cloudflare’s SSL with your website, but unfortunately does not encrypt the connection between your website’s server and Cloudflare (your website will still show the green padlock).
2. Full SSL
Unlike Flexible SSL, the Full SSL setting provides encryption between your server and Cloudflare. The only drawback is that your connection between your server and Cloudflare isn’t authenticated.
Out of the three available settings, Full SSL (Strict) provides the highest level of security. Unlike Full SSL, the Full SSL (Strict) setting ensures than the connection between your website’s server and cloudflare is authenticated with a signed SSL certificate.
Which setting should you choose?
Try to avoid using the Flexible SSL setting. If you’re running any of the ‘pre-configured’ stacks from the Google Cloud solutions library, then it’s likely your server came pre-configured with self-signed SSL certificates. This means that the Full SSL setting is available to you by default.
We strongly suggest that people use Strict mode with a valid cert on their origin. –Nick Sullivan, Head of Cryptography, Cloudflare Inc.
However, if you want to take your security a bit further, you can use the Full SSL (Strict) setting. This setting requires that you already have SSL configured on your server (with valid certificates).
- Recommended first steps for Cloudflare users
- How does Cloudflare work?
- Universal SSL: Encryption all the way to the origin, for free
- My TLS conundrum and why I decided to leave CloudFlare
- How to get your SSL for free on a Shared Azure website with CloudFlare
- Cloudflare’s great new features and why I won’t use them
- Why should I install mod_cloudflare?
- What are the disadvantages of using Cloudflare?
If you have any questions or comments, please leave them in the comment field below.
For troubleshooting support, be sure to check out the WordPress Cloud Hosting Support Group on Facebook.