When you start a WordPress site it seems very straightforward and easy: choose a theme, write, publish, proofread (not necessarily in that order). As you get into it more, other considerations cascade on you: social sharing, plugins, hosting, speed and security among them.
One really powerful implementation that you can do to make your site more secure, faster and to decrease your hosting costs is to use Cloudflare. Cloudflare is a powerful (freemium) content delivery network (CDN) that filters out malicious users and delivers your content faster by utilizing its network of servers to serve your content.
Long story short, Cloudflare is pretty awesome.
How Cloudflare makes your site more secure and fast
Cloudflare works by adding itself as an intermediary between your domain and your host. For example, when you type leaderswest.com to go to my site you are routed through Cloudflare rather than directly to my host. Suspicious traffic is filtered by Cloudflare, and a CAPTCHA screen is presented to flagged visitors before they are permitted on to your site. This means that malicious bots have a lower likelihood to ever see your site.
I channeled my inner Sal Khan and drew a diagram of how Cloudflare works. Implementing Cloudflare onto your site is simply a process of signing up, redirecting your DNS, and choosing some options.
You can see that domain traffic that is routed through Cloudflare may be served by either the host, the Cloudflare CDN, or a combination of the two (depending upon the caching options that you choose).
Success that I’ve had with Cloudflare
I implemented Cloudflare when I was using WPEngine as my host. For those familiar with WPEngine, they are a great host but they charge a ton for user overage and the traffic they charge you for runs two to three times greater than what Google Analytics measures. Long story short – my hosting costs got very expensive and I wanted to try anything I could to keep my WPEngine hosting (I couldn’t justify it, but that’s another story).
WPEngine recommended Cloudflare to try and mitigate my traffic. I was livid about the overages and didn’t see the utility, but I tried Cloudflare anyhow. It immediately filtered out hundreds of malicious attempts every day. It also serves thousands of pages from the CDN (rather than the host) every month, which keeps my hosting costs lower. It has been super helpful.
I also just implemented Cloudflare on a nonprofit website and cut almost two seconds off of its average load time.
This is a screenshot of a Pingdom speed test from my site. When this (image-intensive) content is explicitly delivered by the host, load time is about 1.5 seconds. This test shows the content delivered in 389ms from the Cloudflare CDN.
The freemium model
I use the free version of Cloudflare and I use the highest caching settings that I can manage. There are three levels up from the free version: Pro, Business and Enterprise. Each has more speed and services than the free version (a list of all features can be found here), but for my purposes free is a pretty great price.
There are a lot of benefits of Cloudflare that I deliberately haven’t discussed. For bloggers who want increased security and faster load times, Cloudflare is an excellent low-cost way to achieve these two objectives. It takes a little time to set-up, but once it’s humming it can deliver your content very fast to its intended audience. I think a lot of bloggers would benefit from a Cloudflare implementation.
You should also note that Cloudflare recommends that WordPress webmasters use the Cloudflare WordPress plugin. In tests with the P3 Plugin Profiler, this plugin consistently added less than one-hundreth of a second to page load time. In other words, if you’re using Cloudflare with WordPress you should install this plugin as well.
I’m curious to know your thoughts if you have experience with Cloudflare. Please feel welcome to share in the comments.