Wordpress & Web Development

Protect & Speed Up Your Website For Free with CloudFlare

James Bruce 24-04-2011

It’s not just your home computer that needs protection. CloudFlare is an intriguing start-up from the creators of Project Honey Pot that claims to protect your website from spammers, bots and other evil web monsters – as well as speed up your site somewhat by caching certain page requests.


Essentially, it acts as a proxy between your site, and any remote requests – screening them for known threats and only letting through the good ones. It’s free, setup is relatively painless, and who can say no to free security protection?

Wait – what it is exactly, and how does it work?

All domains have a name-server (or two, actually) associated with them, and the purpose of the name-server is to redirect the domain to the IP address on which your website is held. So every request made to your site must pass through the name-server in order to reach your site. CloudFlare works by replacing your current name-servers with their own, and then filtering the requests made, thereby offering a layer of security which otherwise wouldn’t exist. You’d be forgiven for this would slow down your website, but that’s not the case. Unlike your regular name-servers that perhaps only exist in one physical location (where your site is stored), CloudFlare has a number of them situated globally, which has the added benefit of speeding up your initial site load time.

For a quick idea of what it does, let’s look at the stats for my site in one day alone:

free website speedup software

You can see that out of around 1,500 recorded page views, 47 of those were from known security threats (such as attempts to perform an SQL injection on standard search forms, or scanning for known web server vulnerabilities).


In terms of a speed boost, CloudFlare also “saved” about 2/3rds of the requests made on my server, and prevented 130mb of unnecessary bandwidth waste. Clearly, these are not numbers to be laughed at and I can attest to the fact that my site is now noticeably faster. Even without the speed boost though, the security it adds is a great piece of mind.

I’m convinced, how do I get it?

In order to make use of CloudFlare, you’ll need to be able to edit the name-server settings for your domain. Even if you’re on shared hosting, you should be able to do this. I’ll show you quickly how this can be done on my favorite domain buying site, Go Daddy – but obviously you’ll need to check yourself if your domain was purchased elsewhere. Ask your hosting support if your domain and site hosting were purchased together, otherwise you’ll need to find out who has control of your domain (not your hosting).

After logging in through the main Go Daddy site, navigate from any of the top menu items to Go To -> Domain Management:

speed up your website


Next, choose your domain from the list, and the detailed view such as this should appear:

speed up your website

Notice the section labelled Nameservers. We won’t change anything now, but leave that tab open while you sign up for CloudFlare as you’ll need to change it soon.

Sign Up For CloudFlare:

Head on over to cloudflare.com and use the easy sign up form to create an account. Once you’ve logged in, you should be able to add a domain. Just type in your domain.


While CloudFlare investigates your current website automatically, you’ll see a 1 minute video explaining things. The setup really couldn’t be easier. On the next screen, you’ll be asked to check the DNS settings. To be honest, the defaults will work fine unless you have something weird like Google Apps installed on your domain, or already have a CDN setup. If you have no idea what I just said, the defaults are probably good!

speed up your website

The next screen is important, but I’ll summarize so you can skip through it. Basically, any requests to your main domain will be routed through CloudFlare. However, in order to allow you to continue to use FTP or SSH on your domain as normal, CloudFlare will automatically create a kind of “bypass” subdomain, which is direct.yourdomain.com by default. Once you’ve made the CloudFlare changes, just remember that from now on if you want to access your site through FTP, you’ll need to affix “direct” to start of the connection address.

improve website speed


Finally, you’ll be told exactly what to update your name server settings too. Go back to your domain control panel, edit the name servers, and be sure to copy and paste these replacement ones in exactly.

free website speed software

That’s it – not so difficult is it? I really must commend CloudFlare for explaining everything so well and making set up easy, because changing name servers and messing with CNAME DNS records is not something the average user would do. The fact that it auto-detects your existing settings quite well just makes the whole process painless.


On the free account, you’ll need to wait 24 hours for stats to be updated. After that, log in to your account, click on domain stats, and be prepared to see how vulnerable your site was before!

Anyone who hosts their own domain should sign up with CloudFlare now – and I can honestly say that the speed boost has had a pronounced effect on my site, and with the added bonus of bandwidth saved my hosting bill should be cheaper this month too. Let us know in the comments if you’ve tried out CloudFlare for your site. For even more of a speed boost, be sure to check out my tips on the most comprehensive WordPress caching plugin around W3 Total Cache 3 Ways The W3 Total Cache Plugin Can Speed Up Your Wordpress Blog Self-hosted WordPress is a fantastic system, no doubt about it. But it can become a little bloated resulting in a slow load time. Read More and how to configure the basic settings How To Configure The Various W3 Total Cache Plugin Settings For Your Wordpress Blog A while ago I talked about the benefits of installing the W3TC plugin on your Wordpress blog in order to speed it up with various caching, but some readers were understandably a little wary about... Read More .

Related topics: Blogging, Webmaster Tools.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Sahl Ahmed
    April 28, 2011 at 1:13 pm

    ah this is cool..will try it for my blog

  2. swhale
    April 25, 2011 at 4:08 pm

    I'm pretty sure it was off by default but it seemed like a helpful option to enable. After a while I noticed the CF enabled sites hanging during loading and singled out the Viglink lookup as being blocked here in China (no idea why..).

    Whilst back in Europe I enabled the link tracking again and it's not noticable. It's a decent free service so I'd have no issue reenabling it once I'm living elsewhere.

    One thing to add: The default threat captcha page font is too large. On smaller screens the instructions appear below the fold, so any false positives will likely result in lost visitors. It can (and should) be edited in the settings.

  3. Luke
    April 25, 2011 at 4:20 am

    "So every request made to your site must pass through the name-server in order to reach your site." Not true. Upon the first request for a domain, your computer will interrogate the name-server to determine the IP address of the server. It will then cache the IP address, and any subsequent requests for that domain will be sent straight to that IP address rather than performing another name-server check. (Unless the cache expires or is manually cleared.) Saying that "...every request ... must pass through the name-server..." is incorrect.

    • James Bruce
      April 25, 2011 at 7:10 am

      Thanks Luke. In that case, I assume that the nameserver returns their IP instead of your site IP in order to redirect all requests through their servers; but the effect is the same either way.

  4. Gigi
    April 24, 2011 at 8:22 pm

    Can I use Cloudflare and a CDN service?

    • James Bruce
      April 24, 2011 at 8:51 pm

      .. Yes. While cloudfalre operates on a CDN-like infrastructure, it isnt a CDN in the technical sense of the world, in that it will not host your images for you.

  5. Scutterman
    April 24, 2011 at 8:00 pm

    With everything in life I always follow the money, so how do they make money? I can't imagine that offering such a process is cheap...

    • James Bruce
      April 24, 2011 at 8:52 pm

      I believe they are a "freemium" service, offering both free and paid plans. The idea is that once you've tried the free service, you will discover how great the paid one would be. Frankly, I'm tempted myself...

      • Scutterman
        April 24, 2011 at 9:05 pm

        I thought it would be something like that. They seem to be among the rare few who offer something useful as part of their free service.

        • Bloggers Templates
          May 20, 2011 at 10:19 am

          @Scutterman indeed, I also check how they make money from that product (or website)

    • swhale
      April 25, 2011 at 12:50 am

      On the free version they affiliate any links on your site using VigLink

      From their site:
      CloudFlare has partnered with Viglink so you can track where the outbound links from your site are sending traffic. The service appends a click handler to your links and tracks where your visitors pass through. The list of outbound links appears on the lower right hand side of your Stats & Reports under Outbound Links. If you prefer not to gather this data, you can turn the feature off by going to your CloudFlare Settings page. If you are currently using some other system to add click handlers, tracking codes or affiliates to your links, VigLink is intelligent and will not affect the system you already have in place.

      I've been using them for a few months now and the speed increase is definitely noticeable, but more useful is the saved site, so if your hosting goes down the web page is still viewable.

      • Hammy Havoc
        April 25, 2011 at 3:44 am

        Interesting that the site is still available, but fairly meaningless for something that is MySQL intensive.

        • James Bruce
          April 25, 2011 at 7:12 am

          Not necessarily - if you're running WordPress with w3tc, it caches the DB requests to produce a mostly static site anyway.

        • Hammy Havoc
          April 25, 2011 at 10:54 am

          That really is rather special, thanks for informing me. Looks like this will be fairly useful after all in a lot of cases.

      • James Bruce
        April 25, 2011 at 7:08 am

        On my settings page, outbound link tracking is disabled, but I cant be sure if thats because I turned it off or becuase it was disabled by default. I dont *remember* turning it off in particular though.