Adding Cloudflare to a Cloudways-hosted site gives you a content delivery network, DDoS protection, and free SSL without changing your hosting plan. This guide walks through connecting the two services and configuring the settings that matter most after setup.
Why Use Cloudflare With Cloudways?
Cloudways already delivers fast hosting through SSD storage, server-side caching, and your choice of cloud provider. Cloudflare sits in front of that, adding a layer of performance and protection that Cloudways alone does not provide.
Global CDN for Static Assets
Static files such as images, CSS, and JavaScript are cached on Cloudflare’s global edge network and served from the location closest to each visitor. This reduces load on your Cloudways server and lowers time-to-first-byte for visitors outside your server’s data centre region. Cloudways includes server-side caching (Varnish, Breeze) for dynamic pages, but Cloudflare handles the static layer independently at the edge.
DDoS Protection and Traffic Filtering
Cloudflare filters malicious traffic before it reaches your Cloudways server. This includes volumetric attacks, bot traffic, and request floods. The free plan includes basic DDoS mitigation. Cloudways does not provide this type of edge-level filtering, so Cloudflare fills a genuine gap in the security setup.
SSL Without Extra Cost
Cloudflare provides an SSL certificate between the visitor and Cloudflare’s edge at no charge. However, you still need a valid SSL certificate installed on your Cloudways server to use Full (Strict) mode and avoid mixed-content issues. Set SSL mode to Full (Strict) in Cloudflare if your Cloudways application already has a Let’s Encrypt certificate installed. For details on installing SSL on Cloudways, see how to install SSL on Cloudways.
Traffic Analytics and Threat Monitoring
Cloudflare’s dashboard shows request volume, cache hit rate, bandwidth saved, and blocked threats in one view. This is especially useful for identifying traffic spikes, bot activity, or cache hit ratio problems that Cloudways server logs alone would not surface clearly.
Cloudflare CDN vs Cloudways CDN: What Each Does
Cloudways includes a CDN add-on through Cloudways CDN (powered by StackPath) that caches static files on a separate network. If you already pay for the Cloudways CDN, you have some overlap with Cloudflare’s static caching. The main differences are:
- Cloudflare’s free tier includes DDoS protection, firewall rules, and analytics that the Cloudways CDN add-on does not.
- Cloudways CDN is a paid add-on; Cloudflare’s free plan handles most WordPress use cases at no cost.
- If you add Cloudflare, disable the Cloudways CDN add-on to avoid double-caching layers that can cause stale content issues.
How to Connect Cloudflare to Cloudways
Step 1 - Create a Cloudflare Account
Go to cloudflare.com and sign up with your email and a password. No credit card is required for the free plan.
Step 2 - Add Your Website
Once logged in, click Add a Site and enter your root domain (for example, yourdomain.com without the www). Select the Free plan on the next screen.
Cloudflare will scan your existing DNS records. This takes up to 60 seconds. When it finishes, review the records listed and confirm they look correct before continuing.
Step 3 - Review DNS Records
Cloudflare imports your current DNS records from your registrar. Check that your A record (the one pointing to your Cloudways server IP) is present. If it is missing, add it manually: set the type to A, the name to @ (for the root domain), and the value to your Cloudways server’s IP address.
Make sure the Proxy Status for your A record is set to Proxied (the orange cloud icon) rather than DNS-only. This is what enables the CDN and protection features.
Step 4 - Update Your Nameservers
Cloudflare gives you two nameservers to copy. Log into your domain registrar (wherever you bought the domain) and replace the existing nameservers with the Cloudflare ones. Save the changes.
Nameserver changes take anywhere from a few minutes to 48 hours to propagate globally, though most complete within a few hours. Once Cloudflare detects the change, your site will be active through the Cloudflare network.
Step 5 - Set SSL Mode to Full (Strict)
This is the step most guides skip, and it causes the most problems. In the Cloudflare dashboard, select your domain, then go to SSL/TLS > Overview. Set the encryption mode to Full (Strict).
If your Cloudways server has a valid Let’s Encrypt certificate installed (which it should by default), Full (Strict) is the correct setting. Using Flexible SSL with Cloudways often causes redirect loops because Cloudways tries to force HTTPS on its end while Cloudflare handles the other direction.
Step 6 - Configure Caching and Performance
With the connection live, set the cache level to Standard in Cloudflare’s Caching > Configuration section. For WordPress sites using a caching plugin like Breeze (Cloudways’ built-in plugin), the plugin handles page caching while Cloudflare handles static asset delivery.
You can also enable Auto Minify for JavaScript, CSS, and HTML under Speed > Optimization. Avoid enabling Cloudflare Rocket Loader on WordPress sites if you notice JavaScript conflicts after enabling it.
After Setup: What to Verify
SSL and Redirect Checks
Confirm your site loads over HTTPS without a certificate warning and that there is no redirect loop. If you see a redirect loop, the most common cause is the Cloudflare SSL mode being set to Flexible rather than Full (Strict). Fix it in the Cloudflare SSL/TLS settings. Also confirm the Cloudflare dashboard shows your site as Active.
Cache Performance in the Dashboard
Check the Cloudflare Analytics panel for your domain. The cache hit rate should rise over time as more visitors load assets that Cloudflare has already cached at the edge. A cache hit rate below 50% after a few days often means that most of your requests are bypassing the cache (for example, if you are sending cache-busting headers or most of your traffic hits uncacheable dynamic paths).
Updating DNS After Server Changes
If your Cloudways server IP changes (for example, after a server resize or migration), update the A record in Cloudflare’s DNS settings rather than at your registrar. Since Cloudflare is now your DNS authority, changes go there. Update the IP in the Cloudflare DNS tab and wait for the change to propagate through Cloudflare’s network before decommissioning the old server.
Troubleshooting Common Issues
Redirect Loop After Enabling Cloudflare
This almost always means your SSL mode is set to Flexible. Switch it to Full or Full (Strict) in the Cloudflare SSL/TLS settings. If the loop persists after changing the SSL mode, check whether your .htaccess file (for Apache) or Nginx config has a forced HTTPS redirect that conflicts with Cloudflare’s handling.
Site Not Active After Nameserver Update
Allow up to 48 hours, then check the Cloudflare dashboard for the site status. You can also use a propagation checker to see how nameserver changes have spread globally. If Cloudflare still does not show the site as Active after 48 hours, verify that both Cloudflare nameservers are set correctly at your registrar with no leftover nameservers from before.
Images or Fonts Not Loading
Clear both your Cloudways server cache and the Cloudflare cache. In Cloudflare, go to Caching > Configuration and click Purge Everything. If specific file types are not loading, check whether a Cloudflare firewall rule or cache rule is blocking requests for those file extensions.
Rocket Loader Breaking JavaScript
Cloudflare’s Rocket Loader defers JavaScript loading to speed up initial page render. On many WordPress themes and plugins, it causes JS to load out of order, breaking sliders, checkout flows, or admin features. If you notice JavaScript errors after enabling Cloudflare, disable Rocket Loader under Speed > Optimization before investigating further. The performance gain from Rocket Loader is rarely worth the compatibility issues on WordPress sites.
Admin Bar or Login Issues After Enabling Cloudflare
Cloudflare can cache pages for logged-in WordPress users if cache rules are too broad. If your WordPress admin bar disappears or you are served cached pages while logged in, create a Cloudflare Cache Rule to bypass cache for URLs containing wp-admin and for requests with a wordpress_logged_in cookie. Most WordPress caching plugins already pass cache-bypass headers, but a Cloudflare Cache Rule is the most reliable way to enforce this at the edge.
WooCommerce Sites on Cloudways with Cloudflare
WooCommerce requires special attention when Cloudflare is in the stack. The checkout and cart pages must not be served from cache because they contain session-specific content. Serving a cached checkout page can expose one customer’s cart or address details to another visitor.
The Breeze caching plugin (built into Cloudways) already excludes WooCommerce pages from server-side caching. But Cloudflare caches independently at the edge. To prevent Cloudflare from caching checkout and cart pages, create a Cloudflare Cache Rule that sets the cache level to Bypass for URLs matching */checkout* and */cart*. You can also add a bypass rule for requests that contain the woocommerce_items_in_cart cookie, which WooCommerce sets for any visitor who has added a product.
For WooCommerce stores with international customers, Cloudflare’s edge network is particularly valuable: product images and theme assets load quickly from edge nodes in each region, while Cloudways handles the server-side order processing. Our Cloudways performance and speed guide covers how Cloudflare fits alongside Varnish, Redis, and Breeze for a full Cloudways optimization stack.