How to Install and Configure CloudFlare for a WordPress Site

The purpose of this article is to explain how to install Cloudflare for your WordPress site and configure encryption for the connection between your visitors and CloudFlare, as well as between CloudFlare and your hosting provider.

Here are the steps we will detail:

• Creating a Cloudflare account.
• Adding your WordPress domain name to Cloudflare.
• Verifying your DNS records retrieved by Cloudflare.
• Changing the name servers to those of Cloudflare.
• Configuring CloudFlare SSL mode.
• Installing the Cloudflare plugin in WordPress.
• Configuration of the LiteSpeed Cache extension.

Note : The Glossary contains explanations on multiple topics and can be consulted to clarify certain terms.

Creating a CloudFlare Account

This step is necessary if you do not have a CloudFlare account. Creating a CloudFlare account is free.

1. Go to the Cloudflare sign-up page: https://www.cloudflare.com/ and click Log In:

2. Register by following the instructions provided (skip if you do not wish to answer the questions that will be asked).
3. Once you have completed your registration request, locate the message that CloudFlare will have sent you by email and click on the Verify your email button:

Adding your WordPress Domain Name to CloudFlare

We are now at the stage of connecting your WordPress domain to CloudFlare.

1. Log in to your Cloudflare dashboard (https://dash.cloudflare.com/):

2. Click on + Add -> Connect a domain (in the upper right corner) :

3. Connect your domain:
   • Enter the domain of your WordPress site.
   • Keep the default options selected (Quick scan for DNS records radio button, etc.).
   • Click the Continue button.

4. You must then choose a CloudFlare plan for your domain:

5. Click on the Select plan button corresponding to the plan that suits you best.

The free plan works perfectly for most WordPress sites, and if you want to use the Content Delivery Network (CDN) and CloudFlare anti-DDOS protection.

Verifying your DNS Records Retrieved by Cloudflare

At this stage, CloudFlare scans and imports your current DNS records. You need to verify that they are correct.

1. Take the time to carefully review the DNS records and ensure they match what you have on file (if necessary, please refer to the article How to Manage DNS).
   • In particular, make sure that A records point to your IP and that mail (MX), TXT, or CNAME records have the correct content.
   • If necessary, add records by clicking the Add record button.

2. When you have finished your revision, click on the button Continue to activation button:

Changing the Name Servers to Those of Cloudflare

We are now at a crucial stage in activating the service. You must change your domain’s name servers so that they point to Cloudflare.

1. CloudFlare provides you with the two name servers addresses to use from now on:

2. Delete the current name servers and replace them with Cloudflare’s.
3. In your CloudFlare dashboard, click the I updated my nameservers button:

4. Propagation can take anywhere from a few minutes to 24 hours. CloudFlare will notify you when it is complete.

Configuring CloudFlare SSL Mode

Your site is now protected with CloudFlare, but there is still one adjustment to be made to the SSL configuration.

By default, CloudFlare will have installed a valid SSL certificate that covers the connection between your site’s visitors and CloudFlare, but the connection between CloudFlare and your host will not necessarily be covered.

We will need to set up the correct SSL/TLS mode:

1. In your CloudFlare dashboard, select SSL/TLS -> Overview :

2. Click on Full (strict) radio button.
   • There is no save button in this interface: changes are applied as soon as you make them.
3. It takes 24 hours for the mode to take effect and for the connection between CloudFlare and your hosting to also be encrypted by the Let’s Encrypt certificate.

Installing the Cloudflare Plugin in WordPress

A handy plugin allows you to manage essential CloudFlare features directly from your WordPress dashboard.

1. In your WordPress dashboard, go to Plugins -> Add New and search for CloudFlare.
2. Install and activate the CloudFlare plugin.

If you have previously installed LiteSpeed Cache, the following message will be displayed: “Please disable the following detected extensions, as they may conflict with LiteSpeed Cache: CloudFlare.”
This message is normal, as it is related to a potential conflict between two cache/CDN management systems. LiteSpeed Cache prefers Cloudflare to be configured directly in LiteSpeed rather than with the official Cloudflare plugin. We will explain this in the section Configuration of the LiteSpeed Cache extension.

3. In your CloudFlare dashboard, go to Manage account -> Account API tokens and make a note of the Global API Key generated:

4. In your WordPress dashboard, go to Plugins -> Installed Plugins -> Cloudflare -> Settings.
5. Log in using your email address and the Global API Key you noted earlier, then click the Save API Credentials button:

6. You can then apply the default settings or update them according to your preferences.
7. In your dashboard, under Installed Plugins -> Cloudflare -> Settings, you will find several useful options such as a shortcut to Anti-DDOS mode, a button to purge the Cloudflare cache, and many more advanced settings.

Configuration of the LiteSpeed Cache Extension

If you have installed the LiteSpeed Cache extension, it is necessary to configure Cloudflare with it.

First, in your CloudFlare dashboard, go to My Profile -> API Tokens and make a note of the Global API Key generated.

Next, you need to do the following in your WordPress dashboard:

1. Go to LiteSpeed Cache -> CDN and click on the Cloudflare tab:

2. Make the following settings:
   • Set CloudFlare API to ON.
   • Enter your Global API Key in the Global API Key/API Token field.
   • Enter the Email Address associated with your CloudFlare account.
   • Enter the Domain of your current website.
   • Set Clear CloudFlare cache to ON.
3. Click the Save Changes button.