The mod_cloudflare web server module is installed on our servers so that when clients wish to use it (and are willing to manage any issues that could be a result of Cloudflare), our firewall will not start blocking CloudFlare IPs. The module ensures our servers and firewalls see the right visitor IPs when cloudflare is active.
That said, our web application layer firewall (Imunify360) is not compatible with aggressive CDN caching modes, like Cloudflare 'cache everything' with 'Edge Cache TTL'. If you use CloudFlare with this setting enabled and your visitors are always seeing the CAPTCHA user verification page rather than your website, this is why. To fix this disable aggressive caching with CloudFlare and instead either enable nginx caching in Plesk or if you're using WordPress, check out our guide to setting up caching with WordPress, which will be far better for performance and compatibility than Cloudflare's cache.
CloudFlare has its upsides and downsides:
- In theory, loading your site should be faster when being accessed from other continents
- It can provide some level of security protection
- Speed analysis tools like GT Metrix will give you a higher score simply for using a content delivery network (CDN), without actually measuring the real-world performance differences.
- If your website visitors are mostly local and Cloudflare's nearest server is farther or has worse connectivity than our servers in Montreal, then it'll actually slow down your site.
- Because you're adding yet another layer to the way your website loads, troubleshooting issues becomes very difficult. If your site goes down, it's rare that we can help as the issue is frequently a problem with Cloudflare
- Because Cloudflare takes over your DNS, when you add sub-domains or make changes to your DNS records in Plesk you will find they do not become live until you've also changed them in Cloudflare's panel. Similarly, your MX records will not be automatically created in Cloudflare's DNS panel, resulting in incoming mail no longer functioning after enabling Cloudflare unless you explicitly create them manually.
- CloudFlare's aggressive caching system is not compatible with our security solutions
It's up to you to choose whether you wish to use CloudFlare, but be aware that our ability to help you with supporting your site if any issues arise may become very limited.
Here's some alternatives to Cloudflare, depending on use-case:
- Website Speed: If your target audience is in North America or Europe, Cloudflare isn't likely to provide much of a speed benefit. If you're using WordPress, try using our optimization guide here instead: our server optimizations are compatible with common caching plugins like WP Super Cache and WP Rocket.
- Want a static file CDN: Try out a CDN that doesn't take over your DNS instead, like MaxCDN, BunnyCDN, or RocketCDN. Please consult the documentation for your caching system (ex: WP Super Cache or WP Rocket for WordPress) to learn how to integrate them
- Security: We use the Imunify360 security layer on our shared servers (and it's available to purchase for our VPS offerings as well). This provides more functionality than Cloudflare's firewall and is built in!