Once upon a time, we recommended Cloudflare just to improve performance of client’s sites and to provide a tiny bit of protection from downtime. But technology has evolved a ton since we started making those recommendations and thank goodness, Cloudflare has evolved right along with us. Let’s highlight some of those changes and their advantages.
On another recent blog post, we talked about adding security to WordPress sites by using a security plugin, and yes that’s great. But what about stopping offenders before they even get to your site? Cloudflare can do that.
Cloudflare has built-in rules to stop specific attacks against WordPress and other platforms, as well as the ability to create your own custom firewall rules. One example we implement is geographically limiting visitors to a certain page (like the login page) so that only users in your area can log into your site. So if someone who is not from your fenced in area attempts to login to your site, they probably have no business trying to knock on your website’s front door and Cloudflare blocks them.
To filter out even more potential offenders, Cloudflare intelligently recognizes and filters out bad bots, so the good ones (like search engines) can do their thing.
This means slowing down the attempts at hacking into your site. This can be a big one, since those script kiddies (aka bad actors, aka black hats) out there indiscriminately try hammering your site with bogus logins. Setting up rate limiting can really dampen their efforts and hopefully sends them somewhere more fruitful.
Yes, having a great hosting solution is good, but security is more important than ever. Cloudflare acts as another layer of lightweight armor. It can even improve performance in a lot of cases, and some of their plans can provide a copy of your site in case of downtime. If you’re worried about cost, start out with their free plan. We use Cloudflare on our site and strongly recommend it for all of our clients as well.