Connect CDN and WebP optimization

Connect the CDN for free and get unlimited WebP image optimization for $20 per month. WebP compression helps make your store faster by reducing image size by up to 50%. Visit https://www.cloudflare.com/ for more details.

Throughout the guide, replace "yourdomain.com" with the domain you are connecting to Cloudflare.

Setup for a domain hosted on Cloudflare

  1. Open a Cloudflare account and attach billing information

  2. Migrate DNS records to Cloudflare if the domain is not already there.

  3. Switch NS records at the registrar if the domain is not already there.

  4. Point www.yourdomain.com CNAME to the host for your instance's region, with proxy → yes:

    • lb.ireland.eu.i.readymage.com (for instance created in EU Ireland region)

    • lb.ohio.us.i.readymage.com (for instance created in US Ohio region)

    • lb.stockholm.eu.i.readymage.com (for instance created in EU Stockholm region)

    • lb.central.ca.i.readymage.com (for instance created in Canada Central region)

    • lb.central.me.i.readymage.com (for instance created in Middle East UAE region)

  5. Point yourdomain.com CNAME to the host for your instance's region, with proxy → yes:

    • lb.ireland.eu.i.readymage.com (for instance created in EU Ireland region)

    • lb.ohio.us.i.readymage.com (for instance created in US Ohio region)

    • lb.stockholm.eu.i.readymage.com (for instance created in EU Stockholm region)

    • lb.central.ca.i.readymage.com (for instance created in Canada Central region)

    • lb.central.me.i.readymage.com (for instance created in Middle East UAE region)

  6. Adjust Cloudflare settings according to recommended settings.

Setup for a domain hosted outside of Cloudflare

Cloudflare setup if you host your domain outside of Cloudflare and can't migrate NS records:

  1. Open a Cloudflare account and attach billing information

  2. Purchase the Cloudflare Business Plan for $200 for the specific domain.

  3. Contact Cloudflare support and ask them to switch the account to the TXT (CNAME) validation method. Cloudflare performs the switch within hours.

  4. Cloudflare support will provide you with the DNS record that you need to add.

  5. Add the provided DNS record to your existing DNS hosting panel and wait for Cloudflare activation.

  6. In Cloudflare, point www.yourdomain.com CNAME to the host for your instance's region, with proxy → yes:

    • lb.ireland.eu.i.readymage.com (for instance created in EU Ireland region)

    • lb.ohio.us.i.readymage.com (for instance created in US Ohio region)

    • lb.stockholm.eu.i.readymage.com (for instance created in EU Stockholm region)

    • lb.central.ca.i.readymage.com (for instance created in Canada Central region)

    • lb.central.me.i.readymage.com (for instance created in Middle East UAE region)

  7. In Cloudflare, point yourdomain.com CNAME to the host for your instance's region, with proxy → yes:

    • lb.ireland.eu.i.readymage.com (for instance created in EU Ireland region)

    • lb.ohio.us.i.readymage.com (for instance created in US Ohio region)

    • lb.stockholm.eu.i.readymage.com (for instance created in EU Stockholm region)

    • lb.central.ca.i.readymage.com (for instance created in Canada Central region)

    • lb.central.me.i.readymage.com (for instance created in Middle East UAE region)

  8. In existing DNS hosting panel point: www.yourdomain.com CNAME www.yourdomain.com.cdn.cloudflare.net

  9. In existing DNS hosting panel point: yourdomain.com CNAME yourdomain.com.cdn.cloudflare.net

  10. Adjust Cloudflare settings according to recommended settings:

SSL/TLS

Edge Certificates

  • Always Use HTTPS → On

  • HSTS

    • Enable HSTS → On

    • Max Age Header → 6 months

    • Apply HSTS policy to subdomains → Off

    • Preload → On

    • No-Sniff Header → On

  • Minimum TLS Version → TLS 1.2

  • Opportunistic Encryption → On

  • TLS 1.3 → On

  • Automatic HTTPS Rewrites → On

Security

WAF → Managed rules

  • Managed rules → On

  • Cloudflare Managed Ruleset

    • Cloudflare Magento → On

    • Cloudflare Php → On

Bots → Configure Super Bot Fight Mode

  • JavaScript Detections → Off (if you leave it "on", the performance will decrease slightly, but it will be possible to detect robots more accurately)

Settings

  • Browser Integrity Check → On

  • Privacy Pass Support → On

  • Replace insecure JavaScript libraries → On

Speed

Image Optimization

  • Polish → Lossy + webP

  • Mirage → On

Content Optimization

  • Early Hints → On

  • Rocket Loader → Off (You can try to enable it for sites that are not single-page applications [SPA], for example, for ScandiPWA which is a SPA site it should be disabled)

Protocol Optimization

  • HTTP/2 → On

  • HTTP/2 to Origin → On

  • HTTP/3 (with QUIC) → On

  • Enhanced HTTP/2 Prioritization → On

  • 0-RTT Connection Resumption → On

Caching

Configuration

  • Crawler Hints → On

Rules

Page Rules → Create Page Rule

  • *site.com/static/*, Browser Cache TTL: a year, Cache Level: Cache Everything, Edge Cache TTL: a year, Origin Cache Control: Off

  • *site.com/media/*, Browser Cache TTL: a year, Cache Level: Cache Everything, Edge Cache TTL: a year, Origin Cache Control: Off

Exclude Magento admin from Cloudflare

To keep Cloudflare from becoming a bottleneck for long backend operations, you can exclude the Magento admin from Cloudflare.

Replace admin.yourdomain.com with your Magento 2 admin URL.

  1. Set up a separate domain for your Magento 2 admin that differs from your Magento 2 front-end domain.

  2. Point admin.yourdomain.com CNAME lb.eu.i.readymage.com (for instance created in EU region) / lb.us.i.readymage.com (for instance created in US region), proxy → no.
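
A way to confirm the result from the command line, as an added example that is not part of the original guide: the Python below audits `curl -sI` header dumps against the Edge Certificates settings recommended above and checks that the admin host bypasses Cloudflare. The sample responses are constructed, "6 months" is assumed to mean 180 days (max-age=15552000), and the function names are hypothetical.

```python
SIX_MONTHS = 180 * 24 * 3600  # assumption: "6 months" taken as 180 days
# Constructed sample responses (not captured from a real site).
STOREFRONT_OK = ("HTTP/2 200\nserver: cloudflare\ncf-ray: 0000000000000000-DUB\n"
                 "strict-transport-security: max-age=15552000; preload\n"
                 "x-content-type-options: nosniff\n")
STOREFRONT_DRIFT = ("HTTP/2 200\nserver: cloudflare\n"
                    "strict-transport-security: max-age=31536000; includeSubDomains\n")
ADMIN_OK = "HTTP/1.1 200 OK\nserver: nginx\n"


def parse_headers(raw):
    """Parse a header dump into {lowercase-name: value}, skipping the status line."""
    pairs = (line.partition(":") for line in raw.splitlines()[1:])
    return {n.strip().lower(): v.strip() for n, sep, v in pairs if sep}


def parse_hsts(value):
    """Split a Strict-Transport-Security value into (max_age, set of flags)."""
    max_age, flags = None, set()
    for part in value.split(";"):
        key, _, val = part.strip().partition("=")
        if key.lower() == "max-age":
            val = val.strip().strip('"')
            max_age = int(val) if val.isdigit() else None
        elif key:
            flags.add(key.lower())
    return max_age, flags


def audit(raw, proxied):
    """Return findings for one host; an empty list means it matches the guide."""
    h = parse_headers(raw)
    # Responses that pass through Cloudflare carry CF-RAY and Server: cloudflare.
    via_cf = "cf-ray" in h or h.get("server", "").lower() == "cloudflare"
    if not proxied:  # admin host, set to proxy -> no
        return ["admin host is served through Cloudflare"] if via_cf else []
    findings = [] if via_cf else ["storefront is not served through Cloudflare"]
    max_age, flags = parse_hsts(h.get("strict-transport-security", ""))
    if max_age != SIX_MONTHS:
        findings.append(f"HSTS max-age is {max_age}, expected {SIX_MONTHS}")
    if "includesubdomains" in flags:
        findings.append("HSTS covers subdomains, guide sets this Off")
    if "preload" not in flags:
        findings.append("HSTS preload flag missing")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options: nosniff missing")
    return findings
```

To audit a live host, pass the captured output of `curl -sI https://www.yourdomain.com` as `raw`, with `proxied=True` for the storefront and `proxied=False` for the admin domain.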
