You are here
Home > Info > Best Cloudflare Settings for WordPress Websites

Best Cloudflare Settings for WordPress Websites

How to Setup Cloudflare for WordPress Website

Cloudflare is a must! No doubt about it. This piece is a complete guide on Cloudflare setup. Check our Recommended settings for Cloudflare caching, various options, firewall, and page rule for more secure, faster, and stable WordPress websites.

► Locate the Routing Cloudflare Data Center in Your Area

Cloudflare operates 193 active data centers across the globe. Cloudflare in India has 6 data centers. Various factors play their role in deciding the routing Cloudflare data center for a user location. One of the features of Cloudflare Pro plan is to ensure the selection of the nearest data center.

Cloudflare Singapore data center is the routing data center when this website is accessed through ACT broadband in Chennai. However, when it is accessed through the Reliance Jio network, Kolkata Cloudflare data center is the routing data center. So, the ISP of the user is one of the factors that affect the selection of Cloudflare data center for routing in an area. You can find the status of all Cloudflare data centers here.

This {} link will show you the present routing Cloudflare data center for this website for your location. colo=SIN means Cloudflare Singapore data center.

ip=Your IP Address
uag=Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

► Cloudflare Page Rule for WordPress Websites

Remember, the order of page rules is very critical. So, you must arrange all the active page rules in a logical sequence to avoid abnormal performance of your website.

Also Read :  How to Setup 2-Factor Authentication for WordPress Login

Rule 1:  Restrict Cloudflare caching for Login Page {Optional}


  • Browser Integrity Check: ON
  • Browser Cache TTL: 30 Minutes
  • Always Online: OFF
  • Security level: High
  • Cache Level: Bypass
  • Disable Apps
  • Disable Performance

Rule 2:  Restrict Cloudflare caching for Admin Area {Must}


  • Browser Integrity Check: ON
  • Browser Cache TTL: 30 Minutes
  • Always Online: OFF
  • Security level: High
  • Cache Level: Bypass
  • Disable Apps
  • Disable Performance

Rule 3:  Restrict Cloudflare caching for Preview Page {Optional}


  • Browser Integrity Check: ON
  • Browser Cache TTL: 30 Minutes
  • Always Online: OFF
  • Security level: High
  • Cache Level: Bypass
  • Disable Apps
  • Disable Performance

Rule 4:  Ensure Cloudflare caching {Must}


  • Browser integrity check: ON
  • Browser Caching: One year
  • Always Online: ON
  • Security Level: High
  • Cache level: Standard,
  • Edge Cache TTL: One month

► Cloudflare Auto Minify: NO

You shouldn’t select auto minification in Cloudflare. Especially if Google Ads (AdSense) is on your website. Cloudflare auto minification will also minify the Google Ads JS files. If that happens, then your website won’t get dynamic ads, video ads, and flash-based ads. With Cloudflare minification active, your website will get only image and text-based ads. That means no high CPC ads.

The best idea is to minify HTML, JS, and CSS files at the origin server. And, even at the origin server, you should never minify any files that are linked to serving Google Ads. But minification is critical for fast loading of your website. Isn’t it?

The most popular WordPress caching plugin WP Super cache does not come with the feature to minify JS and CSS files. Another, top-ranking free plugin for caching is W3 Total Cache. After having years of experience, we can now use the plugin with its true potential. It is not an ideal plugin for beginners. The best-paid caching plugin is WP Rocket. As far as I know this plugin also does not offer the feature to select JS files to minify. This plugin will minify all the files, including Google Ads files.

Currently, the best WordPress caching plugin is WP Performance by Ante Laca. With this plugin, you can select the JS files to minify. On this website, we minify all the JS files except the JS files used for loading Google Ads.

► Cloudflare Always Use HTTPS: ON/OFF

If you are enforcing https at the origin server, then you should not activate the “Always use HTTPS” option under the SSL tap in Cloudflare. That is what Flywheel recommends. Cloudflare says otherwise, however. What to do?

SSL certificate installation becomes super comfortable if your website server is managed by a server management service provider, such as ServerPilot (recommended), Flywheel, and RunCloud. They are some of the best names for server setup, management, security, and maintenance. These server management service providers offer one-click SSL certificate installation at the origin server.

Cloudflare alerts that HTTPS enforcing at the origin server and activating Always-Use-HTTPS option could create “Redirect-Loop” error. We have tested it, though. While enforcing https at the origin server, Always-Use-HTTPS ON at Cloudflare hadn’t created an issue.

However, since Flywheel does not recommend it, so you should not Switch-ON this Cloudflare option. Here you should give priority to Flywheel suggestion because the Cloudflare recommendation is for all domains and all types of SSL settings and optimizations.

Notify of
Inline Feedbacks
View all comments
Rani Singh

Very useful…I was looking for the Cloudflare page rules

Avinash Aryan
Reply to  Rani Singh

So, You had now, have enough knowledge about clouflare, Are You using pro plans.

Amar Kumar
Reply to  Avinash Aryan

Hi Avinash, There is not much difference between FREE and PRO plan in terms of speed. The $20 you should spend on faster hosting and Advanced Server Management. Make your origin server fast.

Use IPV6 instead of IPV4, HTTP/2, Restrict crawling of your website by unwanted bots, and prevent image hot-linking.