1. Domain and DNS Settings

 
  • You must update your domain’s nameservers (NS) to the ones provided by Cloudflare, otherwise the proxy won’t work.
  • DNS propagation can take 1–24 hours globally.
  • The orange cloud means proxy & acceleration is enabled; the gray cloud means DNS-only (no protection).
 

2. Origin Server IP Security (Critical)

 
  • Never leak your real VPS/server IP after enabling Cloudflare.
  • Do not expose your IP via subdomains, email servers, image hosts, or direct links.
  • On your VPS/firewall, allow only Cloudflare IP ranges on ports 80/443 for better security.
 

3. SSL / HTTPS Configuration

 
  • Recommended SSL modes:
    • Flexible: Easy for beginners
    • Full / Strict (Strict SSL):More secure (requires a valid certificate on your origin)
     
  • Enable Always Use HTTPS and Automatic HTTPS Rewrites to avoid mixed-content errors.
  • Do not leave SSL set to Off.
 

4. Caching Rules

 
  • Cloudflare does not cache HTML pages by default, only static files (images, CSS, JS).
  • Never cache admin panels such as /wp-admin/ — use a Cache Bypass rule.
  • If caching doesn’t work:
    • Turn on Development Mode
    • Purge Cloudflare cache
    • Check cf-cache-status in response headers
     
 

5. Firewall and Security

 
  • Enable Managed Rulesets to block most attacks and scans.
  • Use Country/Region blocking if needed.
  • Avoid blocking your own IP.
  • Set up Rate Limiting to prevent CC/DoS attacks.
 

6. For Shared VPS / Shared Hosting

 
  • Frequent 520, 521, 522 errors often mean the origin server is overloaded or blocked Cloudflare IPs.
  • Do not set security level to Under Attack Mode permanently — it will slow down normal visitors.
  • Enable Auto Minify (CSS, JS, HTML) and Broti compression for better speed.
 

7. Common Error Codes

 
  • 502 / 520 / 521 / 522: Origin server down, overloaded, or firewall blocking Cloudflare.
  • 1020: Firewall rule blocked you.
  • 524: Origin timeout (slow PHP/backend).
  • SSL errors: Wrong SSL mode or invalid certificate on origin.
 

8. Common Mistakes to Avoid

 
  • Email stops working: Set MX records to gray cloud (DNS-only).
  • Cannot log in to admin: Cache conflict — create a bypass rule.
  • Website slow: Change node to Hong Kong, Singapore or let it auto-select.
  • Content not updating: Purge Cloudflare cache and browser cache.
Byla tato odpověď nápomocná? 0 Uživatelům pomohlo (0 Hlasů)

Nejpopulárnější

Velidc VPS aaPanel Installation Technical Documentation

1. Document Overview This document is a complete technical manual for the installation,...
Velidc VPS 1Panel Installation Technical Documentation

1. Document Overview   This document details the complete steps to install, configure, and...
Dedicated VPS vs Shared VPS

1. Basic Concepts   Dedicated VPS (Standard VPS / Cloud Server)   Uses virtualization...
How to Optimize a Shared VPS (Shared Hosting)

Shared VPS means limited CPU, RAM, I/O, and no root access....
How to Check If Caching Is Enabled on a Shared VPS

Here are simple, no-tool methods anyone can use to verify caching.     1. Check HTTP...