Here are a few steps to follow to configure Cloudflare on your site, before installing the Jetpack plugin.
Cloudflare is a popular CDN, caching, and protection service. It can be used with WordPress, and is compatible with Jetpack.
Jetpack communicates with your website through the secure use of your xmlrpc.php file. By default, Cloudflare blocks all non-Jetpack access to this file and serves an “HTTP 403 Forbidden” message. This is designed to block access to that file by unwarranted users.
Cloudflare has settings in place to make sure that Jetpack requests to the xmlrpc.php file are allowed to pass through their firewalls and protection services. This means you should not have to manually configure access for Jetpack through Cloudflare.The steps below help to ensure that your site is optimized to work well with Cloudflare.
To get started, you’ll want to follow the instructions to add your site to Cloudflare.
Create a PageRule to exclude WordPress’ dashboard from Cloudflare.
While Cloudflare is useful for your readers, you do not need to use it for your site’s dashboard. It may in fact cause some issues. Luckily, you can set up rules so Cloudflare ignores your site’s dashboard.
- Go to “Rules” in your Cloudflare dashboard.
- Under “Add New Rule”, enter the following:
- Make sure caching, apps, and performance are disabled.
- Save your changes.
Use Cloudflare’s SSL certificate on your site.
- Under the SSL/TLS menu, enable one of Cloudflare’s SSL options.
- Wait for the changes to be available on your site.
- Install and activate the Cloudflare plugin.
- Install the Cloudflare Flexible SSL plugin to avoid running into Redirect loop issues in your dashboard.
- Enable Administration over SSL (reference) by adding the following to
/** * Admin over SSL */ define('FORCE_SSL_ADMIN', true);
- Set the port to 443 by adding the following to
/** * Set port to 443 */ $_SERVER['SERVER_PORT'] = 443;
- Under Settings > General in your dashboard, change both your site address and WordPress address to use HTTPS.
- In your Cloudflare settings, create a Page Rule to redirect all traffic from HTTP to HTTPS.
You should then be all set, now install the Jetpack plugin!