June 18, 2021

Using the Cloudflare plugin with WordPress


WordPress is a free and open-source content management system. Many WordPress sites use Cloudflare to increase site speed with free CDN and protect site resources with security features.

After creating a Cloudflare account and adding a website, using Cloudflare with WordPress requires installing the Cloudflare plugin and configuring security and performance settings.

Activate the WordPress Plugin

The Cloudflare plugin for WordPress allows you to ensure your site is running optimally on the WordPress platform.

To install and activate the plugin,

  • Log in to the WordPress dashboard.
  • Navigate to Plugins.
  • Search for 'Cloudflare', and click Install.
  • Click Activate Plugin.

Configure the Cloudflare WordPress plugin

After installing the Cloudflare WordPress plugin, to configure plugin settings,

  1. Click Settings and choose the Cloudflare plugin. The Cloudflare login page appears.
  2. Enter your Cloudflare login credentials, including your email and Cloudflare API key, then click Save API Credentials.
    For more information about the API key and how to retrieve it, review documentation.

To ensure that the Cloudflare plugin works optimally on your WordPress site, apply the default plugin settings by clicking Apply in Settings.

After configuring the Cloudflare WordPress plugin, customize your Cloudflare configuration with the following features to further improve security and performance:

  • Navigate to the Firewall app in the Cloudflare dashboard, then the Managed Ruleset tab, and toggle the Cloudflare WordPress rule to On
  • Cache Static HTML with Cloudflare Page Rules
  • Optimize images with Polish and Mirage
  • Enable HTTP/2
  • Minify HTML, CSS, and JavaScript

Removing Plugin

In the event you cannot go back into your wp-admin area, in order to recover access, please perform any of the following:

Manual delete
If you can access your wp-admin area, disable the Cloudflare plugin and/or upgrade it to v3.8.2
If not, ssh into your server and delete the plugin directory, located at ../wp-content/plugins/cloudflare, after which you can reinstall your plugin and your settings will be preserved.
Restore a website backup from your hosting provider dashboard
Delete the plugin from the hosting provider “file manager” from inside your cPanel (Plesk)
Path to navigate to the plugin inside your FTP folders is: wp-content -> plugins -> Cloudflare
Also as of WordPress 5.2, if WordPress is able to send emails, on a critical error, it will send the site owner a link to recovery mode which disables all plugins.

Leave a Reply

Your email address will not be published. Required fields are marked *


HAZGUI WP mission is to create custom websites and marketing plans for businesses of all varieties. Regardless of your size, you should have a website that speaks your ideas and helps you grow.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram