CloudFlare CDN Setup

Our company is engaged in the development, support and maintenance of sites of any complexity. From simple one-page sites to large-scale cluster systems built on micro services. Experience of developers is confirmed by certificates from vendors.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and maintenance of all types of websites:
Informational websites or web applications
Business card websites, landing pages, corporate websites, online catalogs, quizzes, promo websites, blogs, news resources, informational portals, forums, aggregators
E-commerce websites or web applications
Online stores, B2B portals, marketplaces, online exchanges, cashback websites, exchanges, dropshipping platforms, product parsers
Business process management web applications
CRM systems, ERP systems, corporate portals, production management systems, information parsers
Electronic service websites or web applications
Classified ads platforms, online schools, online cinemas, website builders, portals for electronic services, video hosting platforms, thematic portals

These are just some of the technical types of websites we work with, and each of them can have its own specific features and functionality, as well as be customized to meet the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 2065 services
CloudFlare CDN Setup
Medium
from 1 business day to 3 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_website-b2b-advance_0.png
    B2B ADVANCE company website development
    1212
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1161
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    852
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1041
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    822
  • image_bitrix-bitrix-24-1c_fixper_448_0.png
    Website development for FIXPER company
    815
Show more works

Setting up Cloudflare CDN

Cloudflare is the most widespread CDN with free plan including DDoS protection, WAF, SSL, and 300+ PoP network. Switching DNS to Cloudflare takes 15 minutes; caching setup takes another hour.

Setup

  1. Register on cloudflare.com, add domain
  2. Cloudflare scans DNS records and offers to import them
  3. Replace NS servers at registrar with Cloudflare NS (kate.ns.cloudflare.com, jay.ns.cloudflare.com)
  4. DNS propagation: 5 minutes – 24 hours

Orange cloud icon (proxied)—traffic goes through Cloudflare. Gray cloud (DNS only)—Cloudflare only resolves DNS.

SSL/TLS mode

Settings: SSL/TLS → Overview:

Mode When to use
Off Never
Flexible Only if no SSL on server (not recommended)
Full Self-signed certificate on server
Full (strict) Valid certificate on server (recommended)

Caching rules (Cache Rules)

# Cloudflare Dashboard → Caching → Cache Rules

# Rule 1: Cache static assets
Condition: URI Path matches wildcard /assets/*
Action: Cache Everything, Edge TTL: 1 year, Browser TTL: 1 year

# Rule 2: Don't cache admin panel
Condition: URI Path matches wildcard /admin/*
Action: Bypass Cache

# Rule 3: Don't cache authenticated users
Condition: Cookie "laravel_session" exists
Action: Bypass Cache

# Rule 4: Cache public pages
Condition: URI Path matches regex ^/(|catalog|products|blog).*
Action: Cache Everything, Edge TTL: 5 minutes

Page Rules (legacy interface, still works)

example.ru/admin/*    → Cache Level: Bypass
example.ru/api/*      → Cache Level: Bypass
example.ru/assets/*   → Cache Level: Cache Everything, Edge Cache TTL: 1 year

Workers — edge computing

// Add security headers at CDN level
addEventListener('fetch', event => {
    event.respondWith(addSecurityHeaders(event.request));
});

async function addSecurityHeaders(request) {
    const response = await fetch(request);
    const newResponse = new Response(response.body, response);

    newResponse.headers.set('X-Frame-Options', 'SAMEORIGIN');
    newResponse.headers.set('X-Content-Type-Options', 'nosniff');
    newResponse.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
    newResponse.headers.set('Permissions-Policy', 'camera=(), microphone=()');

    return newResponse;
}

Speed optimizations

  • Auto Minify → HTML, CSS, JS (enable)
  • Rocket Loader → async JS loading (test—may break some scripts)
  • Polish → auto image conversion to WebP (paid plans only)
  • Mirage → responsive images (paid)
  • Early Hints → 103 Early Hints for preloading (enable)

Firewall Rules / WAF

# Block bots by User-Agent
(http.user_agent contains "sqlmap") or
(http.user_agent contains "nikto") or
(http.user_agent eq "") → Block

# Challenge for suspicious countries
(ip.geoip.country in {"CN" "RU" "KP"} and not cf.bot_management.verified_bot)
→ Managed Challenge

# Rate Limiting for API
/api/* → 100 requests per 60 seconds from one IP

Terraform for Infrastructure as Code

resource "cloudflare_zone_settings_override" "example" {
    zone_id = var.zone_id
    settings {
        ssl            = "strict"
        always_use_https = "on"
        min_tls_version  = "1.2"
        http3            = "on"
        brotli           = "on"
        early_hints      = "on"
        cache_level      = "aggressive"
    }
}

resource "cloudflare_page_rule" "cache_assets" {
    zone_id  = var.zone_id
    target   = "${var.domain}/assets/*"
    priority = 1
    actions {
        cache_level       = "cache_everything"
        edge_cache_ttl    = 31536000
        browser_cache_ttl = 31536000
    }
}

Setup time: several hours for basic config with caching and WAF.