Skip to main content

Adding and Managing Cloud Edge™ in MODX Cloud

  • Updated

If you want to protect your MODX Cloud site from attacks and improve performance for visitors worldwide, this guide explains how to add and use Cloud Edge. You'll learn how to enable enterprise-level security and CDN caching, manage IP allow and block lists, and work with our support team through the setup process.

Overview

Cloud Edge is a fully managed CDN and Web Application Firewall (WAF) feature available as an add-on for production MODX Revolution and WordPress sites in MODX Cloud. Cloud Edge provides enhanced security from automated attacks and malicious traffic, as well as improved site performance through edge server delivery and caching.

How Cloud Edge Works

Cloud Edge is powered by Cloudflare Enterprise, providing the same infrastructure that protects major organisations worldwide. Our team manages all CDN and WAF configuration for you, while giving you the flexibility to manage IP allow and block lists when needed. This means you get enterprise-level protection without the complexity of managing it yourself.

Cloud Edge consists of two components that work together:

  1. Cloudflare Proxy Configuration: Managed through your MODX Cloud Dashboard, this routes your site's traffic through Cloudflare's enterprise network for CDN and WAF protection
  2. Site Integration (Extra/Plugin): Installed automatically on your site, this allows you to manage IP rules and ensures admin users can work without WAF interference

Adding Cloud Edge to Your Site

Cloud Edge is available for production sites in MODX Cloud. Pricing starts at $15/month for your primary hostname, with additional hostnames at $10/month each. 

Enabling Cloud Edge

  1. Log in to your MODX Cloud Dashboard
  2. Click on the name of the Cloud containing the site you want to protect
  3. Navigate to the Domains tab
  4. Locate the domain(s) you want to protect
  5. Toggle ON the Cloud Edge switch next to each domain (the toggle will turn green when active)
  6. Click the Confirm button below the domains grid
  7. Complete the checkout process to add Cloud Edge to your account
  8. Our support team will contact you via email and support ticket to guide you through the DNS configuration

Note: You can enable Cloud Edge for specific domains on multi-domain sites. Each domain with Cloud Edge enabled will be billed separately.

Provisioning Process

After you complete checkout for Cloud Edge, our support team will guide you through DNS configuration via email and support tickets. The provisioning process involves two stages:

Stage 1: SSL Certificate Provisioning

  1. Our team will send you instructions to create a CNAME record for _acme-challenge
  2. You can add this record yourself, or our team can handle it for you (we'll coordinate access)
  3. This record allows us to provision SSL certificates for your site
  4. Once the record is added, our team will confirm SSL certificate provisioning is complete

Stage 2: Final DNS Configuration

  1. Our team will provide you with IP addresses and CNAME record details
  2. You'll update your DNS records to point to Cloudflare's proxy:
    • A records for your apex domain
    • CNAME records for subdomains (like www)
  3. Reply to the support ticket after updating records
  4. Our team will complete the Cloud Edge provisioning

You can update DNS records yourself, or our team can handle this for you. Provisioning typically completes within an hour or two during normal support hours, and same or next business day otherwise.

Once DNS is configured and Cloud Edge is fully provisioned:

  • Your site's traffic will route through Cloudflare's enterprise network
  • The Cloud Edge Extra (MODX) or Plugin (WordPress) will be installed automatically on your site
  • You can begin managing IP allow and block lists from your site's admin interface

Managing Cloud Edge

Automatic Firewall Bypass for Admin Users

The Cloud Edge Extra/Plugin automatically detects logged-in Manager users (MODX) or Admin users (WordPress) and ensures they are not blocked by the WAF during normal administrative actions. This works by detecting your active session—no configuration required.

IP Allow and Block Lists

You can add individual IP addresses to allow or block specific traffic from accessing your site. Each rule includes:

  • IP Address: The IP address you want to allow or block
  • Rule Type: Allow or Block
  • Description: Notes about the IP (e.g., "Head office", "Development team", "Known malicious actor")

Note: For more comprehensive security rules or IP range blocking, contact MODX Cloud support. Our team can configure advanced rules in Cloudflare on your behalf.

Important: IP rules apply only to the individual site where they are configured. If you have multiple sites with Cloud Edge enabled, you'll need to configure rules separately for each site.

For MODX Revolution Sites

  1. Log in to your MODX Manager
  2. Go to Extras → Cloud Edge
  3. Add IP addresses to your Allow or Block lists
  4. Include a description for each rule to help you remember why it was added
  5. Save your changes

For WordPress Sites

  1. Log in to your WordPress Admin
  2. Navigate to the Cloud Edge menu item
  3. Add IP addresses to your Allow or Block lists
  4. Include a description for each rule to help you remember why it was added
  5. Save your changes

Removing Cloud Edge

If you need to remove Cloud Edge from your site, follow these steps in the correct order to avoid access issues.

Step 1: Deprovision Cloud Edge in MODX Cloud Dashboard

  1. Log in to your MODX Cloud Dashboard
  2. Click on the name of the Cloud containing your site
  3. Go to the Domains tab
  4. Toggle OFF the Cloud Edge switch for each domain (the toggle will turn grey when inactive)
  5. Follow the instructions in the Dashboard to update your DNS records to point back to your site's origin
  6. Contact our support team to confirm DNS updates are complete and to finalize deprovisioning

Important: You must update your DNS records before our support team completes the deprovisioning process. If Cloud Edge is disabled before DNS records are updated, your site will go offline.

Step 2: Uninstall the Extra/Plugin

For MODX Revolution:

  1. Log in to your MODX Manager
  2. Go to Extras → Installer
  3. Find the Cloud Edge Extra
  4. Uninstall it

For WordPress:

  1. Log in to your WordPress Admin
  2. Go to Plugins
  3. Find the Cloud Edge Plugin
  4. Deactivate and delete it

Important Warning

Do not uninstall the Cloud Edge Extra/Plugin before deprovisioning Cloud Edge in your MODX Cloud Dashboard. If you remove the Extra/Plugin while Cloud Edge is still active, you may experience issues with saving content and performing other administrative actions, as the WAF will block some functionality normally available to unauthenticated users.

Support

If you need assistance with Cloud Edge provisioning, deprovisioning, DNS configuration, or troubleshooting, contact MODX Cloud support. Our team will guide you through the complete process via email and support tickets.

Related articles