Setting up your site on Cloudflare for the first time

Website security is critical in today’s digital world, so you need CloudFlare. With cyber attacks getting more complex, it is critical for website owners to establish strong security measures. Cloudflare, a well-known content delivery network (CDN) and security service provider, provides a variety of tools to help protect your website.

1. Setup Cloudflare

The first step in securing your website is to sign up for a Cloudflare account and add your website to their platform and pick a plan. Cloudflare acts as a reverse proxy, routing your website’s traffic through their network. This not only improves website performance but also provides an additional layer of security.

cf-add-site
cf-pick-plan

2. Add or change your DNS records

Part of the setup process, you may need to change some dns records, this tells CloudFlare where your site and mail server are and direct your visitors to the correct website. Don’t worry you can modify this at a later time.

cf-set-dns-records

3. Enable Some Settings

During initial setup, you will be asked to configure some settings. These settings should be enabled.

  1. Automatic HTTPS Rewrites – Enable
  2. Always Use HTTPS – Enable
  3. Brotli – Enable


Then click Finish. 

4. Implement Firewall Rules

The firewall features of Cloudflare allow you to set rules that filter and prevent traffic based on certain criteria. You may configure rules to block malicious IP addresses, prohibit known attack patterns, and limit access to critical areas of your website. To keep ahead of developing threats, review and change your firewall rules on a regular basis.

A Web Application Firewall (WAF) is a powerful tool that protects your website against common web application vulnerabilities, such as SQL injections and cross-site scripting (XSS). Click here to learn more about some useful CloudFlare firewall rules.

5. Enable Bot Protection

Bots can pose a significant threat to your website, consuming server resources and compromising user experience. Cloudflare’s Bot Management offers various techniques to detect and mitigate bot activity, such as CAPTCHA challenges, JavaScript checks, and behavior analysis. Employ these tools to distinguish between human and bot traffic, safeguarding your website from automated attacks.

6. Regularly Monitor and Analyze

Cloudflare provides detailed analytics and logs to help you monitor your website’s traffic, identify potential threats, and take appropriate action. Regularly review these logs and reports to stay informed about any security events and make necessary adjustments to your security settings.

Wait 24 to 48 hours, then you will start to see some stats, like these below. See stats for the last 24 hours, 7 days or 30 days.

cf-analytics
threats

7. Secure your website with CloudFlare WAF

Securing your website is an ongoing process. Setting your website on Cloudflare is the first step in protecting it from a range of online threats. Remember that security is a continuous effort, and embrace Cloudflare’s powerful security features and make them an integral part of your website’s defense strategy.

To setup the Web Application Firewall ( WAF ), you can follow this guide, to secure your website by adding custom rules.

Share This

Please Donate

If my how-to tutorials helped you, please consider making a donation. ☕ ☕

chkserv

Need affordable cPanel hosting?

Leave a Reply

Your email address will not be published. Required fields are marked *