Cloudflare

Wordpress Plugin
Download latest - 4.2.0

Download Stats

Today 415
Yesterday 766
Last Week 5,062
All Time 1,577,061
Banner 772x250

What this plugin can do for you

One-click WordPress-optimized settings

The easiest way to setup Cloudflare for your WordPress site.

Web application firewall (WAF) rulesets

Available on all of Cloudflares paid plans, the WAF has built-in rulesets, including rules that mitigate WordPress specific threats and vulnerabilities. These security rules are always kept up-to-date, once the WAF is enabled, you can rest easy knowing your site is protected from even the latest threats.

Automatic cache purge

Occurs when you change the appearance of your website. This means that you can focus on your website, while we ensure that the latest content is always available to your visitors. (Note: By default, Cloudflare does not cache HTML, and a cache purge is not required on updating HTML content such as publishing a new blog entry).

Additional features

  • Header rewrite to prevent a redirect loop when Cloudflares Universal SSL is enabled

  • Change Cloudflare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization

  • View analytics such as total visitors, bandwidth saved, and threats blocked

  • Support for HTTP2/Server Push


Releases (44 )

Version Release Date Change Log
3.4.0 2019-08-30
  • 2019-08-29 =

Added

  • Added support for API Token authentication.
3.4.1 2019-08-30
  • 2019-08-29 =

Fixed

  • Updated list of contributors.
  • Updated tested Wordpress version to latest (5.2.2).
3.3.3 2019-03-06
  • 2019-3-6 =

Fixed

  • Bug in Hooks.php causing errors in PHP 7+
  • Bug preventing Autoptimize plugin's optimized asset urls from being used when present and when Cloudflare HTTP/2 Push was enabled
3.3.2 2017-12-12
  • 2017-12-12 =

Fixed

  • Bug in cf-ip-rewrite

Added

  • Added a new filter cloudflare_purge_by_url allowing users to have better control on automatically purged urls.
3.3.1 2017-06-29
  • 2017-6-29 =

Fixed

  • Potential bug with using by unchecked $_GET.
3.3.0 2017-06-29
  • 2017-6-29 =

Added

  • Added a new Splash Screen
  • Added userConfig.js file allowing custom configurations.
  • Added logs in debug mode for Automatic Cache Purge.
  • Added logs for oversized Server Push HTTP headers.

Changed

  • Automatic Cache Purge now purges Autoptimize by everything rather than by URL.
  • Updated IP Ranges

Fixed

  • Bug where domains which had capital letters not working.
  • Bug where Automatic Cache Purge couldn't purge front page.
  • Bug related to work with IWP.
  • Bug where if PHP is compiled with ipv6-disable flag, it crashed the site.
3.2.1 2017-03-15
  • 2017-3-14 =

Fixed

  • Bug where accounts which had more than 20 zones would not show up correctly.
3.2.0 2017-03-01
  • 2017-3-1 =

Added

  • Bypass Cache By Cookie functionality.
  • HTTP/2 Server Push functionality (disabled by default).

Changed

  • Lowered the plugin size.
  • Automatic Cache Management feature includes purging taxonomies.
  • Automatic Cache Management feature supports sites which use both HTTP and HTTPS.

Fixed

  • Admin bar disappearing from the plugin.
  • Bug where spinner was loading forever.
  • Bug where the backend errors where not being shown in the frontend.
  • Issues where IE11 was not working properly.
3.1.1 2016-11-17
  • 2016-11-17 =

Changed

  • Moved Admin Bar behind Automatic Cache Purge toggle.
3.1.0 2016-11-17
  • 2016-11-17 =

Added

  • Added ability to automatically purge cache when a post is published, edited or deleted. (Thanks to brandomeniconi and mike503)
  • Added ability to work with Wordpress MU Domain Mapping plugin. (Thanks to brandomeniconi)

Changed

  • Changed the UI to look more like cloudflare.com dashboard.
  • Changed plugin description.
  • Disabled showing WordPress Admin Bar and Edit Post Link to avoid caching problems for users using HTML Caching.

Fixed

  • Fixed bug where require vendor folders was not working.
  • Fixed bug where static files were cached which caused issues updating the plugin.
  • Fixed dependencies which caused issues with PHP Compatibility Checker plugin.
3.0.6 2016-10-06
  • 2016-10-6 =

Added

  • Added ability to toggle Development Mode.

Fixed

  • Fixed bug where active zone dropdown was not working properly.

Changed

  • Compressed resources to lower plugin size.
  • Updated Cloudflare logo.
3.0.5 2016-09-28
  • 2016-09-28 =

Fixed

  • Fixed bug where refactored Flexible SSL fix was causing the settings page hook not to load.
3.0.4 2016-09-27
  • 2016-09-27 =

Added

  • Ability for users to toggle Automatic HTTPS Rewrites (enabled by default, solves for most mixed content errors).

Fixed

  • Fixed an issue where low PHP version where getting syntax error.
  • Fixed issue where some users using Flexible SSL where not able to login to wp-admin .
  • Fixed a bug where the active zone selector was not paginating through the whole zone list.
  • Fixed an issue where the setting for Image Optimization was being displayed incorrectly.
  • Fixed a bug in Analytics where theUniques Visitors data was not displaying accurately.

Changed

  • Compressed assets to lower plugin size.
  • Hooks loading logic refactored to make it more simple and readable.
3.0.3 2016-09-21
  • 2016-09-21 =

Fixed

  • Fixed an issue where some domains were being incorrectly propagated to the domain selector dropdown
  • Fixed an issue where the Web Application Firewall was accidentally triggering RFI Attack Rules
  • Fixed an issue where image optimization was not being enabled for Pro and higher CloudFlare plans
3.0.2 2016-09-16
  • 2016-09-16 =

Fixed

  • Disabled HTTP/2 Server Push which was leading to 520 and 502 errors for some websites.
3.0.1 2016-09-16
  • 2016-09-16 =

Fixed

  • Fixed HTTP/2 Server Push exceeding the header limit Cloudflare has which caused 520 errors.
  • Fixed warning message in HTTP/2 Server Push.
1.2.5.Beta 2016-09-15
  • BETA RELEASE: IPv6 support - Pull the IPv6 range from https://www.cloudflare.com/ips-v6. Added Development Mode option to wordpress plugin settings page.
1.2.6.Beta 2016-09-15
1.3.10 2016-09-15
  • Added IP ranges.
1.3.11 2016-09-15
  • Adjusted a line syntax to account for differing PHP configurations.
1.3.12 2016-09-15
  • Removed use of php short-code in a couple of places
  • Added some cURL / json_decode error handling to output to the screen any failures
  • Reformatted error / notice display slightly
1.3.13 2016-09-15
  • Clarified error messaging in the plugin further
  • Added cURL error detection to explain issues with server installed cert bundles
1.3.14 2016-09-15
  • Improved logic to detect the customer domain, with added option for a manual override
  • Standardised error display
  • Updated CloudFlare IP Ranges
1.3.15 2016-09-15
  • Plugin settings are now found under Settings -> CloudFlare
  • Plugin is now using the WordPress HTTP_API - this will give better support to those in hosting environments without cURL or an up to date CA cert bundle
  • Fixes to squash some PHP Warnings. Relocated error logging to only happen in WP_DEBUG mode
  • Added Protocol Rewriting option to support Flexible SSL
1.3.16 2016-09-15
  • Update regex to not alter the canonical url
1.3.17 2016-09-15
  • Limit http protocol rewriting to text/html Content-Type
1.3.18 2016-09-15
  • Bug: Clean up headers debugging message that can be displayed in some cases
1.3.19 2016-09-15
1.3.2.Beta 2016-09-15
  • BETA RELEASE: IPv6 support - Pull the IPv6 range from https://www.cloudflare.com/ips-v6. Added Development Mode option to wordpress plugin settings page.
1.3.20 2016-09-15
  • Updated the method to restore visitor IPs
  • Updated the URL rewrite to be compatible with WordPress 4.4
1.3.21 2016-09-15
  • Added input sanitization.
1.3.22 2016-09-15
  • Fixing bug which prevented a user from activating/deactivating the plugin
1.3.23 2016-09-15

Fixed bug that was preventing spam comments from being sent to CloudFlare

1.3.24 2016-09-15
1.3.25 2016-09-15
1.3.3 2016-09-15
  • Bump stable version number.
1.3.4 2016-09-15
  • Add in IPV6 support and Development Mode option to wordpress plugin settings page. Remove cached IP range text file.
1.3.5 2016-09-15
  • Disable Development Mode option if cURL not installed. Will Use JSONP in future release to allow domains without cURL to use Development Mode.
1.3.6 2016-09-15
  • Remove Database Optimizer.
1.3.7 2016-09-15
  • Remove Database Optimizer related text.
1.3.8 2016-09-15
  • Fixed issue with invalid header.
  • Updated IP ranges
  • Fixed support link
1.3.9 2016-09-15
  • Made adjustment to syntax surrounding cURL detection for PHP installations that do not have short_open_tag enabled.
3.0.0 2016-09-15
  • 2016-09-15 =

Added

  • Added one-click application oft WordPress specific recommended settings
  • Added ability to purge the CloudFlare cache
  • Integrated with WordPress cache management to automatically clear the CloudFlare cache on updating site appearance
  • Added ability to change CloudFlare settings (Always Online mode, Im Under Attack, Image Optimization, Security Level, Web Application Firewall)
  • Added Analytics showing Cached Requests, bandwidth used, unique visitors, threats blocked
  • Added Header rewrite to prevent a redirect loop when Cloudflares Universal SSL is enabled
  • Added HTTP/2 Server Push support
  • Added Support for PHP 5.3+

Removed

  • Removed HTTPS Protocol Rewriting
  • Removed submission of spam comments
  • Removed ability to toggle Development Mode On/Off

Changed

  • Updated user interface
  • Started to support WordPress 3.4+ instead of 2.8+ because we depend on the WordPress Options API
1.2.4 2016-09-15
  • Pull the IP range from https://www.cloudflare.com/ips-v4. Modified to keep all files within cloudflare plugin directory.