Configuring Cloudflare

You will know in 5 minutes:
  1. All Cloudflare specific you have to know and features may be useful to you.

Cloudflare advantages

  1. DNS hosting / manager without charge.

Cloudflare disadvantages

  1. Will vary your website content in some way (see below).

  2. Domain name used in DNS manager's resource records instead of well-known '@' symbol.

Recommended settings for the all of your domains

Caching -> Configuration -> Always Online -> turn ON
Always Online helps your site to stay online if your server goes down.
Apparently will work for the websites with the static content.
SSL/TLS -> Edge Certificates (tab) -> Automatic HTTPS Rewrites -> turn OFF
Automatic HTTPS Rewrites helps you in unpredictable way (for you).
It vary your content even more than just e-mail rewriting (see below).

Suggestions:
  1. It is better to fix all mixed content problems by yourself.

Scrape Shield -> Email Address Obfuscation -> turn OFF
May brake HTML code.

Scrape Shield -> Hotlink Protection -> turn OFF (default)
Possibly you want to disable it, or enable.

What port will be used on your side (side of your server) for the web / WWW traffic

By default CF use port 80 and HTTP protocol (flexible mode).
If you want to change it to 443 and HTTPS protocol (full mode):
SSL/TLS -> Overview (tab) -> Automatic HTTPS Rewrites -> select Full
To revert it back to port 80 and HTTP protocol - select Flexible.
Suggestions:
  1. Please remove all unconditional redirects (like 302, 301, 307 etc) from HTTP to HTTPS on your (server) side to avoid infinite redirect loop to HTTPS.
    You can use server's rewrite rules to distinguish CF visit from the direct visit and redirect user accordingly.

Other specific

  1. Cloudflare protects e-mail's defined on site - this will vary your content.

  2. Your support tickets will be avail on https://support.cloudflare.com/hc/en-us/requests .

helpful PHP code for the Cloudflare users

$global_remote_addr = '';
if (!empty($_SERVER['REMOTE_ADDR'])) $global_remote_addr = $_SERVER['REMOTE_ADDR'];
if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) $global_remote_addr = $_SERVER['HTTP_CF_CONNECTING_IP']; //cloudflare
//$_SERVER['REMOTE_ADDR'] = $global_remote_addr; //for backward copability, it is not good to do so.
$global_canonical_scheme = 'http';
if (!empty($_SERVER['HTTPS'])) $global_canonical_scheme = 'https';

//cloudflare
$cf_visitor = array();
if (!empty($_SERVER['HTTP_CF_VISITOR'])) {
$cf_visitor = json_decode($_SERVER['HTTP_CF_VISITOR'], true);
}

if (!empty($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])) {
if ($_SERVER['HTTP_X_FORWARDED_PROTOCOL'] == 'https') {
$global_canonical_scheme = 'https';
}
}

if (!empty($cf_visitor['scheme'])) {
if ($cf_visitor['scheme'] == 'https') $global_canonical_scheme = 'https';
}

helpful mod_rewrite (Apache) code for the Cloudflare users

<IfModule mod_rewrite.c>
#Avoid to use IfModule condition for the website critical conditions below
RewriteEngine on

RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ - [env=proto:https]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ - [env=proto:http]

RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ - [env=proto:http]
RewriteCond %{HTTP:CF-Visitor} '"scheme":"https"'
RewriteRule ^(.*)$ - [env=proto:https]

RewriteCond %{HTTP_HOST} ^(www\.)([^.]*)\.([^.]*)$ [NC]
#RewriteRule (.*) %{ENV:proto}://%2.%3/$1 [L,R=301]
RewriteRule (.*) https://%2.%3/$1 [L,R=301]

<IfModule>

Cloudflare HTTP headers example

HTTP_CF_CONNECTING_IP  =  11.22.33.44
HTTP_CF_IPCOUNTRY  =  US
HTTP_CF_RAY  =  44de3e26b68196e8-FRA
HTTP_CF_VISITOR  =  {"scheme":"http"}
HTTP_CONNECTION  =  Keep-Alive
HTTP_HOST  =  mydomain.com
HTTP_USER_AGENT  =  curl/7.43.0
HTTP_X_FORWARDED_FOR  =  11.22.33.44
HTTP_X_FORWARDED_PROTO  =  http