Setup CloudFlare CDN for WordPress on Google Cloud

June 13, 2018Leron AminComments Open

In this tutorial you will learn how to setup Cloudflare CDN for your WordPress website on Google Cloud. When configured correctly, Cloudflare CDN can provide huge performance and security benefits for your website.

Serving your website’s content from CloudFlare’s CDN will lead to huge performance benefits, including shorter load times and protection from DDOS attacks.

Benefits of using a CDN

A CDN is a network of globally distributed servers that store and distribute your website’s content.

With a CDN configured, your website’s content will load quickly for all users, regardless of their geographic location.

diagram of cdn network — Without a CDN, your website is served from a single server, meaning slow load times for international visitors. With a CDN, your website is stored and served from many servers around the world, meaning consistently shorter load times for visitors.

Getting Started

Before getting started with this tutorial, you should have already:

Installed WordPress on Google Cloud
Setup a Domain Name for your website
Reserved a Static IP Address for your website.
Configured SSL for your website (optional).

Combine Cloudflare CDN + SSL (optional)

If you don’t want to install your own SSL certificate, it is possible to use Cloudflare’s SSL service with your CDN. You will have the option to apply this setting in step 3 of this tutorial.

Learn more about the advantages and disadvantages of using Cloudflare’s SSL service with your CDN by clicking here.

visit cloudflare.com in your web browser — In your web browser, navigate to the Cloudflare signup page.

enter email and password to create a cloudflare account — On the signup page, choose an email and password to use for your account, and click the Create Account button.

click the add a site button to configure your website with cloudflare — After creating an account, click the + Add a Site button to configure your website with Cloudflare.

click the next button to query dns records — Click the Next button to query your DNS records.

select the free plan option — Select the FREE option to get started with a free account, then click on the Confirm Plan button.

click the continue button to confirm nameservers — After Cloudflare has verified your website’s DNS records, click the Continue button.

copy cloudflare nameservers — Copy the two nameservers that Cloudflare provides and paste them into Notepad – you will need these in the future steps.

visit the domain name provider where you registered your domain name namecheap.com — Visit the domain name provider where you registered your website’s domain name. Namecheap is used in this example, but there are hundreds of other domain name registrars to choose from.

paste the cloudflare nameservers — Once you’ve logged in to your domain name registrar, navigate to the settings page of the domain that you want to configure. Select the Custom DNS option, then paste the two Cloudflare nameservers that we copied from step 1 of this tutorial.

click the link to the website you want to configure — Go back to your Cloudflare homepage and click on your website.

click on the crypto settings to configure cloudflare ssl settings — Click on the Crypto icon at the top of the page to configure your Cloudflare SSL settings.

select the full strict ssl setting — On the Crypto page, select the Full (Strict) SSL setting if you already have SSL configured on your website. If you want to use Cloudflare’s SSL, choose the Full SSL setting.
Click here to learn more about the different SSL settings.

click icon to configure caching settings — Next, click on the Caching icon at the top of the page to configure your caching settings.

configure caching settings — Set your Browser Cache Expiration setting to 1 month, or choose Respect Existing Headers if you’ve already configured caching on your origin server.

visit gtmetrix.com in your web browser — Now that you’ve configured Cloudflare CDN, the next step is to check that it is working properly. In your browser, open a new tab and visit GTMetrix. Then, enter your website’s URL in the search field and click the span style=”background-color: #eee”>Analyze button.

check for leverage browser caching — First, under the PageSpeed tab, check that the Leverage browser caching criteria has a high score.

check that content delivery network and expires headers are configured properly — Next, navigate to the YSlow tab and check that the Use a Content Delivery Network (CDN) and the Add Expires headers criteria are both met.

6. Additional considerations

Combining Cloudflare CDN and SSL

Cloudflare offers three separate settings for handling your website’s encryption with SSL. The three settings are Flexible SSL, Full SSL, and Full SSL (Strict).

Full SSL (Strict) provides the highest level of SSL security, however, it requires that you setup SSL on your origin server beforehand.

1. Flexible SSL

Flexible SSL is the easiest setting for configuring Cloudflare’s SSL with your website, but unfortunately does not encrypt the connection between your website’s server and Cloudflare (your website will still show the green padlock).

full ssl setting for cloudflare

2. Full SSL

Unlike Flexible SSL, the Full SSL setting provides encryption between your server and Cloudflare. The only drawback is that your connection between your server and Cloudflare isn’t authenticated.

cloudflare full ssl setting

3. Full SSL (Strict)

Out of the three available settings, Full SSL (Strict) provides the highest level of security. Unlike Full SSL, the Full SSL (Strict) setting ensures than the connection between your website’s server and cloudflare is authenticated with a signed SSL certificate.

cloudfare full strict ssl setting

Which setting should you choose?

Try to avoid using the Flexible SSL setting. If you’re running any of the ‘pre-configured’ stacks from the Google Cloud solutions library, then it’s likely your server came pre-configured with self-signed SSL certificates. This means that the Full SSL setting is available to you by default.

We strongly suggest that people use Strict mode with a valid cert on their origin. –Nick Sullivan, Head of Cryptography, Cloudflare Inc.

However, if you want to take your security a bit further, you can use the Full SSL (Strict) setting. This setting requires that you already have SSL configured on your server (with valid certificates).

If you plan to use the Full SSL (Strict) setting but haven’t yet configured SSL certificates on your server, check out the SSL tutorials for the Click-to-deploy or Bitnami Google Cloud LAMP stacks.