Cloudflare Integration
Manage Cloudflare cache and settings directly from WordPress
Overview
The Cloudflare integration is an optional feature that adds convenience tools for managing Cloudflare cache directly from your WordPress admin panel.
Note: You don't need this integration for CDN functionality to work. It's purely for convenience if you use Cloudflare.
Prerequisites
What You Need
- Active Cloudflare account
- Domain added to Cloudflare
- Cloudflare Zone ID (from your dashboard)
- Cloudflare API Token (you'll create this)
Getting Cloudflare Credentials
Step 1: Get Your Zone ID
- Log in to Cloudflare Dashboard
- Select your domain/website
- Scroll down to the right sidebar
- Find "Zone ID" section
- Copy the Zone ID (it looks like:
abc123def456...)
Step 2: Create API Token
- In Cloudflare Dashboard, click your profile icon (top right)
- Go to My Profile → API Tokens
- Click "Create Token"
- Use the "Edit zone DNS" template OR create custom with these permissions:
Required Permissions
Zone Permissions:
- ✅ Cache Purge - Purge
- ✅ Zone Settings - Edit
- ✅ Zone - Read
Zone Resources:
- Include → Specific zone → [Your Domain]
- Click "Continue to summary"
- Click "Create Token"
- Copy the API token (you'll only see this once!)
- Save it in a secure place
Configure Integration in WordPress
Setup Steps
- Go to 1 CDN Manager → Cloudflare
- Paste your Zone ID in the first field
- Paste your API Token in the second field
- Click "Save Changes"
- Click "Test Connection" to verify
Test Connection Results
✅ Success: "Connection successful! Cloudflare is properly configured."
❌ Failed: Shows error message - check credentials and permissions
Features
1. Purge All Cache
What it does: Clears all cached content for your entire domain
When to use:
- After updating site design
- After changing CSS/JS files
- After major content updates
- When versioning is not working
How to use:
- Go to Cloudflare tab
- Click "Purge All" button
- Confirm the action
- Wait for confirmation message
Note: Purging all cache will temporarily slow your site as Cloudflare re-caches everything. Use selective purge when possible.
2. Selective Cache Purge
What it does: Purges specific URLs only
How to use:
- Enter URLs to purge (one per line)
- Click "Purge URLs"
URL Format Examples:
https://example.com/wp-content/themes/mytheme/style.css
https://example.com/wp-content/uploads/2024/image.jpg
https://cdn.example.com/script.js
Wildcard Purge:
Purge multiple files with prefixes (Enterprise plan only):
https://example.com/wp-content/uploads/*
https://cdn.example.com/images/*
3. Developer Mode
What it does: Temporarily bypasses Cloudflare cache (auto-disables after 3 hours)
When to use:
- Testing CSS/JS changes
- Debugging cache issues
- Development and staging
How to use:
- Toggle "Developer Mode" switch ON
- Make your changes and test
- Toggle OFF when done (or let it auto-disable after 3 hours)
Tip: Developer Mode affects your entire domain, not just the WordPress site.
4. Always Online
What it does: Serves cached pages even when your origin server is down
Benefits:
- Site stays accessible during server maintenance
- Visitors see cached content instead of errors
- Reduces downtime impact
How to use:
- Toggle "Always Online" switch ON
- Cloudflare will serve cached versions when origin is unavailable
5. Browser Cache TTL
What it does: Sets how long browsers should cache files
Options:
- 30 seconds - For frequently changing content
- 1 hour - Development/testing
- 1 day - Dynamic content
- 1 week - Semi-static content
- 1 month - Static assets
- 1 year - Permanent assets (use with versioning!)
Recommended Settings:
- Images/Videos: 1 week to 1 month
- CSS/JS: 1 day (with versioning enabled)
- Fonts: 1 month to 1 year
- HTML: Respect existing headers (Cloudflare default)
Workflows & Best Practices
Site Update Workflow
- Before updates: Enable Developer Mode
- Make changes: Update theme, plugins, content
- Test: Verify everything works
- Publish: Disable Developer Mode
- Purge: Purge specific URLs or all cache
- Update version: Increment version strings if using versioning
CSS/JS Update Workflow
- Enable versioning: Make sure CSS/JS versioning is ON
- Update files: Make your CSS/JS changes
- Change version: Update version string (e.g., 1.5 → 1.6)
- Purge (optional): Purge old CSS/JS URLs
- Test: Verify new version is loaded
Emergency Purge
If something is broken due to cache:
- Enable Developer Mode (immediate bypass)
- Click Purge All
- Clear WordPress cache
- Clear browser cache (Ctrl+Shift+R)
- Test site
- Disable Developer Mode once fixed
Performance Optimization
- Use versioning instead of frequent cache purges
- Purge selectively when possible (not all cache)
- Set long Browser Cache TTL for static assets (1 month+)
- Enable Always Online for better uptime
- Don't leave Developer Mode on - it reduces performance
Troubleshooting
Connection Test Fails
Error: "Invalid credentials"
- Double-check Zone ID is correct
- Verify API Token is copied completely
- Make sure token has correct permissions
Error: "Forbidden" or "Unauthorized"
- API Token lacks required permissions
- Token is restricted to wrong zones
- Recreate token with correct permissions
Error: "Connection timeout"
- Server firewall blocking Cloudflare API
- Check hosting provider's firewall rules
- Verify server has internet access
Purge Not Working
- Wait 1-2 minutes for purge to propagate globally
- Clear browser cache as well (Ctrl+Shift+R)
- Check if Developer Mode is interfering
- Verify URLs are correct (check protocol: https vs http)
Developer Mode Won't Turn Off
- Wait - it auto-disables after 3 hours max
- Check Cloudflare dashboard directly
- Clear WordPress cache and try again
Settings Not Saving
- Check WordPress file permissions
- Verify API token has "Edit" permission for Zone Settings
- Check browser console for JavaScript errors (F12)
API Rate Limits
Cloudflare Limits
- Free Plan: 1,200 requests per 5 minutes
- Pro Plan: 2,400 requests per 5 minutes
- Business Plan: 4,000 requests per 5 minutes
- Enterprise Plan: Custom limits
The plugin is designed to respect these limits. Normal usage won't exceed them.
Security Best Practices
API Token Security
- ✅ Only grant minimum required permissions
- ✅ Restrict token to specific zone only
- ✅ Regenerate token if compromised
- ✅ Use API tokens, not Global API Key
- ❌ Never share API tokens publicly
- ❌ Don't commit tokens to Git repositories
Token Management
- Create separate tokens for different sites
- Rotate tokens periodically (every 6-12 months)
- Delete unused tokens from Cloudflare dashboard
Cloudflare + CDN Manager: Perfect Together
Recommended Setup
- Cloudflare DNS: Orange cloud enabled for main domain
- Subdomains: Create cdn.example.com, img.example.com (also orange clouded)
- Plugin Settings: Use subdomains as CDN URLs
- Cloudflare Integration: Configure for easy cache management
- Page Rules: Set cache everything on CDN subdomains
Benefits of This Combo
- Global CDN with 200+ data centers
- Free SSL/TLS certificates
- DDoS protection included
- Manage everything from WordPress
- Granular control over asset types