Cloudflare is a useful web protection, performance and optimization solution with plans ranging from free to paid. Free plans allow you to use Cloudflare for SSL, DNS, a basic CDN, and some basic performance optimizations that may work with your sites.
Paid plans introduce a Web Application Firewall, increased levels of configuration (and Page Rules), and other useful tools. For details between plans, see https://www.cloudflare.com/plans/
Cloudflare Page Rules to Work with the Manager
Free Cloudflare accounts only have 3 page rules, so use them wisely. First, login or create an account in Cloudflare: www.cloudflare.com
Next, and after doing the basic Cloudflare configuration which probably involves duplicating DNS entries, go to the Page Rules section and have Cloudflare bypass the cache for the following directories, changing “example.com” to match your actual URL:
example.com/manager/*
example.com/connectors/*
Note: in some circumstances you may need to add an additional bypass rule to prevent interferring with proper manager functionality when you have the Client Config Extra installed:
example.com/assets/components/clientconfig/*
Install the Cloudflare Extra
- Open the Installer in MODX
- Download Extras button
- Search for "Cloudflare"
- Install Cloudflare API Integration Extra
Get the Cloudflare API Key
- Click the username (email) in the upper right
- Go to My Setting > API Key
- Click View API Key for the Global API Key
- Copy this Key to your clipboard
Configure the Cloudflare Extra
- Got to the MODX Manager and Open the Sytem Settings > Cloudflare namespace
- Enter the Cloudflare Account Email and API Key you copied to your Dashboard and Save
Now when you make changes, it will automatically purge the relevant pages from the Cloudflare cache.
Using Cloudflare for SSL
Cloudflare is a low effort, fast way to serve your site via SSL. Making it work, however, requires keeping a few things in mind, both as it relates to MODX and to MODX Cloud.
A frequently practice in MODX is to use a base-href tag in templates. This makes creating portable sites and moving from stage to production, for instance, more straightforward. However, if you cache these types of URLs, things can not work as expected, resulting in "broken green bar" websites and browser security warnings.
MODX Cloud intoduces an additional layer of flexibility by allowing a site to be accessed by multiple URLs in addition to a custom domain name:
- cNNN.paasX.YYY.modxcloud.com as the internal cloud URL
- project.account.modxcloud.com as your own project URL that's more personalized and memorable
To prevent SSL-related browser warnings, use the following base href tags in your MODX website:
<base href="//[[!++http_host]][[++base_url]]">
Then you can turn on SSL in Cloudflare using the Flexible HTTPS setting under the Crypto page, and by adding one more page rule to force HTTPS as follows, with the only rule being Always Use HTTPS:
example.com/*
Recommended Settings
Recommended settings will be documented in this section for Security and Auto-optimization. Feel free to comment below to share your recommended settings.