One of the biggest problems of owning a website is site slowdown and the potential of being hacked. With so many free solutions currently available, it generally requires manual setups and installations, which can be a problem to configure.
A great free service that alleviates this problem and allows you to both speed up and secure your sites is a free tool called
www.cloudflare.com
Cloudflare is a free CDN (Content Delivery Network) and is great at speeding up your sites and saves a cached version in case of any server downtimes.
Setting up a free account is pretty straight forward with only a few steps required to add your domains and secure it.
Protecting your site
Once your domains are setup and added to the service, the main goal now is to ensure that your sites are fully protected from any hacking attempts.
Most hacks are automated using ‘bots’ that repeatedly attempt to log into your site continuously.
To prevent this from happening, we need to set up rules in Cloudflare.
– Click on the ‘
cogwheel‘ icon next to your domain listings, which will open up a list of options.
– Select the option called ‘
Page Rules‘. Your free account will allow you up to 3 rules per domain.
2 identical rules will need to be created for the following 2 pages:
mydomain.com/wp-login.*
*.mydomain.com/wp-login.*
Note: You will need to change ‘mydomain.com’ to the name of your own domain.
Under the ‘
Add New Rule‘ section. Use the following settings for both pages:
—-
Forwarding:
Off
Always Use HTTPS:
Off
Custom Caching:
Bypass Cache
Browser Bypass Cache TTL:
4 Hours
Always Online:
Default
Apps:
On
Performance:
On
Rocket Loader:
Default
Security:
On
SSL:
Default
Security Level:
I’m Under Attack
Browser Integrity Check:
On
—-
– Click the ‘
Add Rule‘ button to save the rule.
Cloudflare will now go ahead and scrutinise any connection to both of those pages.
This will slow down your personal login attempts, but you can whitelist your IP address by entering it into Cloudflare’s whitelist settings.
Firstly, you can find out your IP address by going to
www.whatismyip.com
Next, go to: Threat Control >> Add custom rule >> Insert your IP Address and click the ‘
Trust‘ button.
Your website will now be fully optimised and secured from potential hacking attempts.
Please Note:
Setting Security level to “I’m under attack” can also stop http communication on your site if you are using OptimizeMember or other integrations with 3rd party tools such as SamCart and ThriveCart.