A Beginners Guide To Cloudflare
Cloudflare is one of the leading companies in the web security world. They can manage your DNS, SSL, as well as protect your site from attacks and more. Cloudflare is quite complex, but this guide will give you the basics.
Images have been removed from this article because Cloudflare has changed their UI. Cloudflare navigation links can now be found on the left-hand side of the page instead of the top.
How do I get started?
In order to use Cloudflare, you must have a custom domain (No sub-domains!). To get started, simply go to cloudflare.com and click the “Sign-in” button! If you already have an account, login instead, then click the "add a site" button.
Cloudflare will then give you a set of nameservers to use. Head on over to your domain provider and change your nameservers to the ones provided by Cloudflare. IMPORTANT! Don’t ever mix nameservers, as it can lead to unexpected results. You can safely remove the nameservers of your hosting provider, we will connect your hosting account later. After you add the nameservers, it can take up to 72 hours before your domain is connected due to DNS propagation. In the meantime, we can learn more about how to use this amazing tool!
Connecting your website
Cloudflare wouldn't be very helpful if you were not allowed to show your own website on your domain! Sometimes, Cloudflare will do this step for you, so you don’t have to. Here are the instructions if you need them. Connecting your hosting account is quite simple, all you need to do is find your account IP. To find the IP address of your hosting account, check the client area, or the control panel for your website. If you still can’t find it, ask your hosting provider. Next, click on the “DNS” tab in Cloudflare, and click on “Add A Record” button. Select the “A” record from the dropdown, and input the following information (You will be creating two records). IMPORTANT! If your web host uses an IPv6 address (It contains letters and numbers), use the “AAAA” record instead.
|Type||Name||Content||TTL||Proxy Status (Cloud Icon)|
|A/AAAA||@||[Your Hosting Account's IP Address]||Auto||Proxied (Orange Cloud)|
|A/AAAA||www||[Your Hosting Account's IP Address]||Auto||Proxied (Orange Cloud)|
That’s it! Note that it won’t work until your domain is connected to Cloudflare, so be sure to keep checking your nameserver status on Cloudflare’s homepage, and ask Cloudflare support if you get stuck.
SSL with Cloudflare
Cloudflare and SSL go together nicely. If you don’t have an SSL, and don’t want to get one, Cloudflare can set you up with one for free! If you have an SSL certificate, Cloudflare can add an extra layer of security. Click on the “SSL” tab on the left of your Cloudflare Dashboard to get started.
I Already have an SSL Certificate installed - Excellent! Just click on “Full” and Cloudflare will do the rest!
I Don’t have an SSL Certificate - That’s ok. Just click on “Flexible”, and Cloudflare will protect what it can. You may want to get an SSL certificate though!
IMPORTANT! Flexible SSL mode is NOT fully secure, use Full SSL mode for full security!
Now that you have SSL installed, you may want to make sure every visitor sees your site correctly, so go ahead and force HTTPS on your website! This is super simple to do with Cloudflare, all you need is to go to “Edge Certificates” and click on “Always Use HTTPS” (The htaccess guide is here if you do not want to use Cloudflare). Please note that this will not work until your domain and web host is connected to Cloudflare. DNS propagation can take some time, so have patience!
The last topic we shall touch on before leaving you with your final thoughts (Don’t leave us yet!). The Cloudflare Firewall is super powerful, and can help you out a ton! We will let you experiment on your own, but you can find the firewall by heading to the “Firewall” tab (duh) and clicking on “Firewall Rules”. When you click on the blue “Add a rule” button at the top, you will be shown an interface with a few options. The first dropdown menu lets you select something to filter by (Country, HTTPS/HTTP, IP, URI, ect.), the second lets you choose something to filter by (On, Off, other, ect.), and the third field lets you enter a value. Lastly, you can choose what happens when that criteria is met (Block the user, Allow the user, Challenge the browser, Show a Captcha).
That was probably confusing, so I'll show an example. Let’s say that I own a U.S. company, and I don’t want visitors from any other country to be able to view it (Or I have a personal site, and other countries don’t need to view it). I can choose “Country” for the first dropdown, “does not equal” from the second, and “United States” from the third. Lastly, I will choose “Block” from the last dropdown. This basically means that any user from outside of the United States will not be allowed to access my website.
Cloudflare is powerful and useful for every site, and I totally recommend it. This article showed you how to get Cloudflare setup, as well as getting your website connected, your SSL configured, and an introduction to the Cloudflare Firewall. Hopefully this helped!