Cloudflare and SiteDistrict

Cloudflare and SiteDistrict

When and how to use Cloudflare with SiteDistrict sites

Page Navigation

  1. Cloudflare
  2. SiteDistrict
  3. Problems with Cloudflare
  4. Disabling Cloudflare Proxy
  5. When to use Cloudflare
  6. Summary

While Cloudflare can be quite beneficial or even necessary for WordPress sites hosted on other hosting providers, for most sites on SiteDistrict, it's typically better to disable their proxy (CDN, firewall, cache), and only use their DNS service.

This page covers the technical details behind this recommendation, as well as the exceptions to this rule.

Cloudflare

General Info

Cloudflare, Inc. is a billion-dollar, cutting-edge technology company that has exploded in popularity over the past 10 years, and now handles a significant amount of Internet traffic.

While many on the Internet will say "Use Cloudflare" as though it is a magical solution for all kinds of problems, very few of these people actually understand the finer details of how Cloudflare works, when it should actually be used, how it should be used, and when something else is actually a better solution for a problem.

Cloudflare Features

The number of products that Cloudflare offers is ever-increasing, but the most well-known features and the ones applicable to most WordPress sites are these:

  • Domain Name Service (DNS)The most used Cloudflare product by far, Cloudflare offers what is usually a much better alternative to other DNS providers, such as your domain registrar, or if available (typically with cPanel hosting providers), your hosting provider's DNS.
  • Content Delivery Network (CDN)Cloudflare uses its global network of servers to cache many static files and assets that are loaded or served by websites, including CSS stylesheets, JavaScript files, fonts, images, audio files, and videos. This feature speeds up page loads for visitors who are physically distant from the (original) server hosting the actual WordPress site, and it can also reduce bandwidth used with your hosting provider.
  • SecurityCloudflare offers DDoS protection, a Web Application Firewall, bot protection, their Turnstile CAPTCHA, rate limiting, and configurable security levels, including "I'm Under Attack" mode. Many WordPress sites rely on Cloudflare to (partially) protect them from bad traffic, and more aggressive attacks on their site, and many WordPress hosting providers have integrated it with their platform and made its use required, as they seem to lack the ability to effectively protected sites themselves, and need to prevent service degradation issues that can result from unwanted or malicious unblocked traffic.
  • Automatic Platform Optimization (APO)Cloudflare's APO product provides edge caching of HTML pages generated by WordPress, using their global CDN, allowing for faster loading of pages that can be cached. It requires their WordPress plugin to function properly, and costs $5/month, per domain.

The last three features listed above all require a domain to have the Cloudflare proxy, or "orange cloud" enabled, which instructs their DNS to return IP addresses that point at their servers, instead of your hosting provider. All traffic is then routed first to Cloudflare's global network of servers, and then passed to your host only if necessary.

SiteDistrict

SiteDistrict has many of the most important features of Cloudflare already built-in to our platform, making the use of Cloudflare unnecessary in many cases, and even undesirable in several others.

SiteDistrict Features

Unlike Cloudflare, but similar to most of the "better" managed WordPress hosting providers, SiteDistrict does not provide DNS services. We actually continue to highly recommend using Cloudflare's free DNS service, even if not using any of their other features that requires enabling their proxy.

For the other three features listed above, SiteDistrict has you covered.

SiteDistrict runs its own set of global servers, powered by Amazon EC2, which provide similar functionality to Cloudflare, but without any additional monthly costs, nor the need to configure any settings yourself.

  • Content Delivery Network (CDN)Our custom CDN also caches common assets and static files on our servers close to your site visitors, ensuring faster page loads in many cases. Very few WordPress hosting providers (Pressable and WordPress.com being an exception) have this feature built-in. Some hosts integrate Cloudflare by default (Kinsta, WPEngine, RocketDotNet), while most other hosts will instruct you to use Cloudflare or another CDN to have this feature. Some plugins and hosts may provide a CDN through a third party, using a separate subdomain for assets, but this is not as fast or as clean as a single-domain CDN.
  • SecurityLike Cloudflare, SiteDistrict provides DDoS mitigation, bot protection, a web application firewall (WAF), and other security protections. However, unlike Cloudflare, SiteDistrict is designed exclusively to host & protect WordPress sites, and our platform and firewall block a significant amount of traffic that Cloudflare does not, and is generally even more effective against direct traffic, than traffic that is proxied first to Cloudflare, and then to SiteDistrict.
  • Edge Page CacheSiteDistrict provides page caching both at the origin server (similar to many WordPress caching plugins & managed hosts), but also at the "edge", by saving copies of pages on the servers closest to your visitors. This takes the place of Cloudflare's APO product, and does not require an additional plugin. It's automatic, always on, and is one of the most advanced WordPress caching systems on the market.

Problems with Cloudflare

While Cloudflare's DNS is excellent, and remains highly recommended, there can be issues with enabling their proxy and using some of their other features, such that on SiteDistrict, Cloudflare can and often does cause more problems than it solves.

Bad Configuration

The number one cause of more serious issues for sites using Cloudflare is configuration errors. The majority of the time when a SiteDistrict customer reports an issue that can be traced back to Cloudflare, it was caused by a change they made to a setting in Cloudflare.

If you use the Cloudflare proxy for your sites on SiteDistrict, we recommend sticking with both the free plan, and the default settings, unless you have a specific reason to change something AND you know what you are doing.

Unblocked Traffic

Another issue with Cloudflare is that, by default, their firewall does not block a significant amount of unwanted and malicious traffic. While the SiteDistrict firewall still protects sites that sit behind Cloudflare, it is more effective in general with direct traffic, because we have access to the TLS handshake data and can also limit IP traffic directly.

Extra Hop

Using Cloudflare with SiteDistrict requires an extra "hop" for all requests for pages and other dynamic content, which is not cached by Cloudflare. While this is typically a small performance penalty, it is easily eliminated by not enabling the Cloudflare proxy for sites hosted on SiteDistrict.

Extra Setup Effort

If you're already using Cloudflare for a domain, then this doesn't apply. But if you're not using Cloudflare at all for a domain, but you were thinking it might be a good idea, or someone recommended it to you, then one downside is that you need to set up a Cloudflare account, copy the DNS records, configure the SSL / TLS settings correctly, and update the nameservers at your registrar.

For those who want to keep things simple, avoid extra work, and don't actually have a compelling reason to use Cloudflare, this is another reason you might want to have second thoughts.

Bad SSL / TLS Settings

Another common issue with enabling the Cloudflare proxy on some sites is that the SSL / TLS Settings inside Cloudflare are often set to Flexible, rather than Full or Full (Strict), which means that while your traffic between your browser and Cloudflare is encrypted, traffic between Cloudflare and your hosting provider (such as SiteDistrict), is not.

At SITEDISTRICT we require sites to use HTTPS for traffic from Cloudflare, and you will see this if your domain is set to use Flexible:

Disabling Cloudflare Proxy

To disable the Cloudflare proxy, you can open up the DNS settings for your domain, and then disable the proxy for both the main A record, as well as for the CNAME record for the www subdomain, as shown:

See the Cloudflare documentation page on how to Pause Cloudflare for more info.

When to use Cloudflare

There are some cases where it is a good idea to use Cloudflare with SiteDistrict. These are:

  • DNS
  • Bandwidth Offloading
  • Special Cloudflare Feature Use
  • When Instructed by Us

These are covered in more detail below.

DNS

Using their DNS is almost always a good idea, and is recommended. If a domain's current DNS provider is unreliable, has a bad user interface, or there are other issues with accessing and updating the DNS records, moving the domain's DNS to Cloudflare can often be a good option. This of course requires some amount of work, and a certain level of technical proficiency. For any support with this process, you would want to read the Cloudflare documentation, or speak with or hire a developer that has experience with Cloudflare.

Bandwidth Offloading

Cloudflare provides free bandwidth, while our cloud provider (Amazon) charges us for bandwidth. We in turn pass those costs on to our customers if bandwidth usage exceeds the allowance for the account. If your site(s) on SiteDistrict use enough bandwidth to incur overage costs with us, it might be a good idea to use the Cloudflare proxy / CDN to offload bandwidth. If the assets or files are downloaded by many users, Cloudflare will cache the files in their CDN, and only transfer the files from SiteDistrict once, for as long as the cache is valid (30 days by default).

Special Cloudflare Feature Use

If you require the use of more advanced features, such as Cloudflare workers, then using the Cloudflare proxy is necessary, and may be justified. Consider if the features you need within Cloudflare are actually necessary though. Most customers with WordPress sites do not actually need a paid plan with Cloudflare, nor any additional features. In some cases, the functionality you need may also be available within SiteDistrict. Contact us with any questions.

When Instructed by Us

In some cases, we will tell you directly if we think using the Cloudflare DNS and/or proxy is a good idea, and why we think so.

Summary

This page outlines important features provided by both Cloudflare and SiteDistrict, and should help you understand when it is a good idea to use Cloudflare, and which features you should use, if any.

Unlike with many WordPress hosting providers, using Cloudflare does not necessarily provide improved performance and security.

If we've missed anything with this article, let us know so we can address it. Enjoy your fast & secure managed WordPress hosting with SiteDistrict!

 

Looking to simplify your setup, while optimizing performance and security?

 

This website makes use of cookies to enhance browsing experience and provide additional functionality. Privacy Policy Accept

Main
Security
Pricing
Migrations
Performance Articles
Accounts
Features
Contact & Support
Terms & Privacy
Company
twitter Twitter
facebookFacebook
linkedinLinkedin
Built WithAround The
Copyright © 2016 - 2025 SiteDistrict, All Rights Reserved