Setup CloudFlare CDN for WordPress on Google Cloud

June 13, 2018Leron AminComments Open

In this tutorial you will learn how to setup Cloudflare CDN for your WordPress website on Google Cloud. When configured correctly, Cloudflare CDN can provide huge performance and security benefits for your website.

Serving your website’s content from CloudFlare’s CDN will lead to huge performance benefits, including shorter load times and protection from DDOS attacks.

Benefits of using a CDN

A CDN is a network of globally distributed servers that store and distribute your website’s content.

With a CDN configured, your website’s content will load quickly for all users, regardless of their geographic location.


diagram of cdn network
Without a CDN, your website is served from a single server, meaning slow load times for international visitors. With a CDN, your website is stored and served from many servers around the world, meaning consistently shorter load times for visitors.

Getting Started

Before getting started with this tutorial, you should have already:

  1. Installed WordPress on Google Cloud
  2. Setup a Domain Name for your website
  3. Reserved a Static IP Address for your website.
  4. Configured SSL for your website (optional).

Keep in mind, if you don’t have SSL configured, you’ll have the option to apply Cloudflare SSL certificates step 3 of this tutorial. Learn more about the advantages and disadvantages of using Cloudflare’s SSL service with your CDN by clicking here.

There are 6 steps in this tutorial:

1. Create a Cloudflare account

visit cloudflare.com in your web browser
In your web browser, navigate to the Cloudflare signup page.
enter email and password to create a cloudflare account
On the signup page, choose an email and password to use for your account, and click the Create Account button.
click the add a site button to configure your website with cloudflare
After creating an account, click the + Add a Site button to configure your website with Cloudflare.
click the next button to query dns records
Click the Next button to query your DNS records.
select the free plan option
Select the FREE option to get started with a free account, then click on the Confirm Plan button.
click the continue button to confirm nameservers
After Cloudflare has verified your website’s DNS records, click the Continue button.
copy cloudflare nameservers
Copy the two nameservers that Cloudflare provides and paste them into Notepad – you will need these in the future steps.

2. Change domain nameservers

visit the domain name provider where you registered your domain name namecheap.com
Visit the domain name provider where you registered your website’s domain name. Namecheap is used in this example, but there are hundreds of other domain name registrars to choose from.
paste the cloudflare nameservers
Once you’ve logged in to your domain name registrar, navigate to the settings page of the domain that you want to configure. Select the Custom DNS option, then paste the two Cloudflare nameservers that we copied from step 1 of this tutorial.

3. Configure Cloudflare SSL settings

click the link to the website you want to configure
Go back to your Cloudflare homepage and click on your website.
click on the crypto settings to configure cloudflare ssl settings
Click on the Crypto icon at the top of the page to configure your Cloudflare SSL settings.
select the full strict ssl setting
On the Crypto page, select the Full (Strict) SSL setting if you already have SSL configured on your website. If you want to use Cloudflare’s SSL, choose the Full SSL setting.
Click here to learn more about the different SSL settings.

4. Configure Cloudflare caching settings

click icon to configure caching settings
Next, click on the Caching icon at the top of the page to configure your caching settings.
configure caching settings
Set your Browser Cache Expiration setting to 1 month, or choose Respect Existing Headers if you’ve already configured caching on your origin server.

5. Test website performance

visit gtmetrix.com in your web browser
Now that you’ve configured Cloudflare CDN, the next step is to check that it is working properly. In your browser, open a new tab and visit GTMetrix. Then, enter your website’s URL in the search field and click the Analyze button.
check for leverage browser caching
First, under the PageSpeed tab, check that the Leverage browser caching criteria has a high score.
check that content delivery network and expires headers are configured properly
Next, navigate to the YSlow tab and check that the Use a Content Delivery Network (CDN) and the Add Expires headers criteria are both met.

6. Additional considerations

Combining Cloudflare CDN and SSL

Cloudflare offers three separate settings for handling your website’s encryption with SSL. The three settings are Flexible SSL, Full SSL, and Full SSL (Strict).

Full SSL (Strict) provides the highest level of SSL security, however, it requires that you setup SSL on your origin server beforehand.

  • 1. Flexible SSL

    • Flexible SSL is the easiest setting for configuring Cloudflare’s SSL with your website, but unfortunately does not encrypt the connection between your website’s server and Cloudflare (your website will still show the green padlock).

    full ssl setting for cloudflare

  • 2. Full SSL

    • Unlike Flexible SSL, the Full SSL setting provides encryption between your server and Cloudflare. The only drawback is that your connection between your server and Cloudflare isn’t authenticated.

    cloudflare full ssl setting

  • 3. Full SSL (Strict)

    • Out of the three available settings, Full SSL (Strict) provides the highest level of security. Unlike Full SSL, the Full SSL (Strict) setting ensures than the connection between your website’s server and cloudflare is authenticated with a signed SSL certificate.

    cloudfare full strict ssl setting

Which setting should you choose?

Try to avoid using the Flexible SSL setting. If you’re running any of the ‘pre-configured’ stacks from the Google Cloud solutions library, then it’s likely your server came pre-configured with self-signed SSL certificates. This means that the Full SSL setting is available to you by default.

We strongly suggest that people use Strict mode with a valid cert on their origin. –Nick Sullivan, Head of Cryptography, Cloudflare Inc.

However, if you want to take your security a bit further, you can use the Full SSL (Strict) setting. This setting requires that you already have SSL configured on your server (with valid certificates).

If you plan to use the Full SSL (Strict) setting but haven’t yet configured SSL certificates on your server, check out the SSL tutorials for the Click-to-deploy or Bitnami Google Cloud LAMP stacks.

References

  1. Recommended first steps for Cloudflare users
  2. How does Cloudflare work?
  3. Universal SSL: Encryption all the way to the origin, for free
  4. My TLS conundrum and why I decided to leave CloudFlare
  5. How to get your SSL for free on a Shared Azure website with CloudFlare
  6. Cloudflare’s great new features and why I won’t use them
  7. Why should I install mod_cloudflare?
  8. What are the disadvantages of using Cloudflare?
  9. Content Delivery Network (CDN) image provided via Privacy Canada

Troubleshooting

If you have any questions or comments, please leave them in the comment field below.

For troubleshooting support, be sure to check out the WordPress Cloud Hosting Support Group on Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *

facebook-wordpress-support-group
facebook-wordpress-support-group
facebook-wordpress-support-groupWelcome to One Page Zen!

Through this blog I hope to introduce web developers to cloud computing!

Made with by

© 2020 One Page Zen Systems, LLC  
Legal  |  Privacy Policy  |  Affiliate Disclosure  |  Contact  

Join our Mailing List!

Exclusive early access to the latest tutorials

Monthly update with a list of upcoming tutorials

Special access to members-only events and webinars