Cloudflare

[vc_row][vc_column][vc_column_text]Wir stellen Ihnen heute mit Cloudflare a low-cost provider for basic website security and acceleration. The speed at which your website is accessed is becoming increasingly important, so it makes sense to use additional protection from external systems in addition to a good web host who takes care of the security and operation of your site.

The overview of the Cloudflare system[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]

What is CloudFlare?

 

CloudFlare is a so-called Content Delivery Network (CDN). This means that the network caches and prepares the data delivered by your web server. By changing the DNS, requests from visitors of your website are first directed to CloudFlare and delivered by them. Cloudflare then retrieves the data from your web server. However, here only changed data is retrieved, so that static files such as images, html, javascript or CSS files are all already at Cloudflare and are delivered directly to the visitor. Thus you save traffic and the web servers are less loaded. Through many additional features the websites are also optimized, i.e. reduced in size and optimized for search engines. The site is also protected from many attacks by a firewall.

For its infrastructure, the company relies on a decentralized network of servers that function with an attached DNS. In total CloudFlare Servers in 102 different data centers, which are operated in over 49 countries. That makes CloudFlare very safe from attacks by hackers and also very resistant to technical problems and malfunctions. Today counts CloudFlare one of the most popular and widely distributed CDNs worldwide. Many web hosters, also in Germany, have CloudFlare has now been integrated into their hosting packages, giving customers access to the content that the CDN has to offer.

 

Why do webhosters integrate Cloudflare into their packages?

 

CDNs are regarded as secure caches for static files that are delivered directly from the CDN provider like Cloudflare and therefore do not have to be requested again from the webhoster's server. Instead, the data is stored securely at CloudFlare, welches diese Daten auf Wunsch auch für eine schnellere Auslieferung optimiert. Dieses Verfahren hat Vorteile sowohl für den Webhoster als auch für Sie als Kunden. Der Webhoster kann seinen Kunden einen zusätzlichen Mehrwert anbieten, der sicher ist, aber keinen Speicherplatz einnimmt und einen zusätzlichen Schutz bietet. Der Kunde auf der anderen Seite profitiert von einer besseren Geschwindigkeit und kann ggf. zusätzliche Lizenzen für Optimierungssoftware in seinem CMS einsparen.[/vc_column_text][vc_column_text]

How can you enable CloudFlare?

Even though CloudFlare is offered by many webhosters, the CDN is not always activated by default. Would you like to CloudFlare then the hosting providers offer you the possibility to use the CDN via the settings or the control center or the customer area. Provided CloudFlare is included in your webhosting or server package, the activation is free of charge and there are no further costs. Would you like to CloudFlare and the option is not available, then you have to contact your hosting provider and ask them whether the activation is generally possible in your tariff or with the hoster. They can also help you with the activation and answer any questions you may have.

In our example the webhoster.com AGor Agency Ehrenwert you can use Cloudflare in the administration interface Plesk administer.

Please note that Cloudflare in this case only works over subdomains, i.e. https://www.ihrefirma.de and not https://ihrefirma.de. This is due to the DNS system regarding CNAME records.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=“2131″ img_size=“large“ alignment=“center“][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]Im Administrationsmenü finden Sie im Hauptbereich „Website&Domains“ auf der rechten Seite den Menüpunkt Servershield from CloudFlare.

Enable Cloudflare

If your account has already been activated at Cloudflare, you will get directly to the Cloudflare menu. Otherwise you can register directly at Cloudflare and enter your login data in the registration form. If you run several domains at Cloudflare, you can register all of them with the same account to be able to manage the domains more easily.

The Cloudflare Menu

After you log in, the basic functions are available directly from the Plesk menu. However, this is not suitable for setting up the domain exactly. Simply activate your domain(s) here by clicking on "on". The domain will then be added to your Cloudflare account. In this step you will see some hints or error messages if you have already assigned the domain to another Cloudflare account or the DNS is not configurable.

Usually the name server is external, so you can ignore these hints and change your DNS server manually. More about this below.

Cloudflare main menu

Log in directly at Cloudflare.com with your login data. Then the following main menu will be displayed. In the first step it is now important that your website is provided with a certificate or that the already existing certificate on the server (e.g. with Letsencrypt) enables a correct encryption. With Cloudflare there are different possibilities to issue a certificate. However, the flexible certificate often leads to problems if the domain is not completely encrypted.

 

Therefore, in the next step we must first select the correct encryption method.

Cloudflare Crypto

Set the mode to "Full". A certificate will then be created by Cloudflare if a certificate is already activated on your web server.

According to Cloudflare, this process can take 24 hours. But for paid accounts it can be done within minutes after you have changed the domain.

So make sure that your Plesk account has a valid certificate on file. This can be a purchased certificate or a free LetsEncrypt certificate. You should also select the option in the Plesk that redirects from http to https and the domain is best accessed through a subdomain such as www.

HTTP Strict Transport Security

With the option Always use HTTPS all http requests are also redirected to https and only encrypted transmissions are possible.

 

If everything works later and the requests are routed through Cloudflare, the option HSTS can be activated. However, it is important to note that the domain can then only be called up in encrypted form by the browser used. In case of certificate errors or other problems on the CMS side, the call can no longer be made via http://.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]

web application firewall

Now we continue with the Cloudflare Firewall which is already available with the Web Application Firewall in the chargeable tariffs. Unfortunately this is not available with the free Cloudflare version.

On the menu, click Firewall, and then select Web Application Firewall on the page. You can then use it to effectively prevent known attempts to attack your Web site.

For the sake of this example, let's assume that the website was built with WordPress. If you Joomla it is best to select the Joomla rules.

As a rule, the server also runs firewalls such as mod_security with corresponding rules from, say, Atomic or Comodo. But it always makes sense to filter attacks already outside your own infrastructure. This results in less load on the server.

Activate cache

Next is the Cloudflare Cache.

Set the caching level to default. You can review this option later when the first traffic is routed through Cloudflare. With the button in the top right corner you can empty the cache for a short time. This is useful when working on the site and the local cache has been removed. You can also activate the developer mode shown below, in which case cloudflare forwards the requests unchanged.

Eine insbesondere für statische Seiten praktische Funktion ist always on. Cloudflare liefert dann die Seite an den Besucher aus, auch wenn der Server eine Fehlfunktion hat. In der Regel wird dann allerdings auch ein Hinweis angezeigt und dem Kunden die Möglichkeit gegeben den Abruf noch einmal zu testen.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]

cloudflare speed

More than just a CDN. With Cloudflare you can make the best use of the cache and also have your static data optimized. Thus, besides the automatic Minify, i.e. the combination of javascript, css and html, an automatic image optimization is also available. Pictures that are too large are then reduced in size almost without loss.

This makes sense especially if you have not optimized your uploaded pictures before, or the CMS used creates many different sizes from the picture. To get into the green area at the google speed test it is recommended to use a partially free version of tinypng before uploading the images, or call up the page with the google Pagespeed Insights tool. Google will then provide optimized images for download, which you can then simply replace.

Additional functions: Mirage

Cloudflare Mirage is a nice feature to deliver web pages faster to slow connections or devices with smaller displays.

Hier werden dann Bilder in geringerer Auflösung und Größe übertragen, damit das verwendete Endgerät die Seite in einer optimalen Zeit läd und trotzdem alles gut erkennen kann.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]

Adjust DNS settings

If all settings are done, the domain can be routed to cloudflare in the last step.

Since this setting has an immediate effect on the availability of the domain, we should check once again whether the following points have been carried out:

1. The domain was changed to a subdomain like www.ihrefirma.de in the configuration (hosting settings) of the Plesk and also in the content management system e.g. under settings for WordPress.
2. There is a valid certificate and the domain can be reached without errors at https://www.ihrefirma.de.
3. For Cloudflare the crypto mode is Full activated.

We can now set the DNS entry. This requires 2 entries which can be changed or added in the DNS Manager. There are 2 CNAME entries. One is www.ihrefirma.de , the domain name with www. with the CNAME destination www.ihrefirma.de.cdn.cloudflare.net. Make sure that you do not make a mistake here. One likes to forget the cdn. in the domain.

The 2nd entry is then a CNAME entry for cf.www.ihrefirma.de with the target of the root domain, i.e. yourcompany.com.

It is possible that the certificate has not yet been verified for Cloudflare and therefore only an error message appears. It is best to wait 10-15 minutes and try to access the domain several times with https://www.ihrefirma.de .

Try it with external scripts like google pagespeed insights, gtmetrix, or pingdom.

Statistics

As soon as the first traffic is passed through, you will see the first calls in the access statistics. Set the statistics to 6 hours at the beginning to see the first values.

Congratulations.

Now your site is accelerated and secured via Cloudflare.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=“1/4″][vc_facebook][/vc_column][vc_column width=“1/4″][vc_tweetmeme type=“follow“ follow_user=“webhostingDE“][/vc_column][vc_column width=“1/4″][vc_googleplus][/vc_column][vc_column width=“1/4″][vc_pinterest][/vc_column][/vc_row]