How to Set Up Cloudflare with GoZen Host

Cloudflare is a free CDN and security service that sits between your visitors and your GoZen Host server. It caches your site’s static files on 300+ edge servers worldwide, blocks malicious traffic, and can significantly reduce page load times for international visitors.

What Cloudflare Does link

• CDN caching – serves static files (images, CSS, JS) from the nearest edge server to your visitor
• DDoS protection – absorbs and filters malicious traffic before it reaches your server
• Free SSL – provides a universal SSL certificate (works alongside GoZen’s AutoSSL)
• Firewall rules – block bad bots, specific countries, or attack patterns
• Performance – minification, Brotli compression, and HTTP/3 support

When to Use Cloudflare (and When Not To) link

Use Cloudflare if:

• Your visitors come from multiple countries and you want faster load times globally
• You’re experiencing bot attacks or DDoS attempts
• You want an extra layer of WAF (Web Application Firewall) protection

You may not need Cloudflare if:

• Your audience is primarily in one region (GoZen Host servers already have great EU connectivity)
• You’re already using LiteSpeed Cache with a CDN (like QUIC.cloud)
• You want to keep DNS management simple

Step 1: Create a Cloudflare Account link

1. Go to cloudflare.com and sign up
2. Click Add a Site
3. Enter your domain name (e.g., yourdomain.com)
4. Choose the Free plan (covers CDN, DDoS protection, and basic firewall)
5. Click Continue

Step 2: Update Your Nameservers link

Cloudflare will scan your existing DNS records and import them. Review the list to make sure all records are correct, then:

1. Cloudflare gives you two nameservers (e.g., name1.ns.cloudflare.com, name2.ns.cloudflare.com)
2. Log in to your domain registrar
3. Replace your current nameservers with the Cloudflare nameservers
4. Save the changes

Important: You’re replacing the GoZen nameservers (ns1.gozenhost.com, etc.) with Cloudflare’s. This means Cloudflare handles your DNS from now on. Your hosting still runs on GoZen Host servers, but DNS flows through Cloudflare.

Wait for DNS propagation (usually 15-60 minutes, can take up to 24 hours).

Step 3: Verify DNS Records link

Once Cloudflare is active, check that all your DNS records are correct in the Cloudflare dashboard:

Critical rule: Email records (MX, mail CNAME) must be set to DNS only (gray cloud). If you proxy email records through Cloudflare, email will break.

Step 4: SSL Configuration link

Cloudflare provides its own SSL, but it needs to work with GoZen’s AutoSSL. Set this correctly or you’ll get redirect loops.

1. In Cloudflare, go to SSL/TLS > Overview
2. Set SSL mode to Full (Strict)

flowchart LR
    A["Visitor"] -->|HTTPS| B["Cloudflare Edge"]
    B -->|HTTPS| C["GoZen Host Server"]
    
    style A fill:#e3f2fd,stroke:#1976d2,color:#1a202c
    style B fill:#fff3e0,stroke:#f57c00,color:#1a202c
    style C fill:#e8f5e9,stroke:#388e3c,color:#1a202c

WordPress redirect loop? If your site keeps redirecting after enabling Cloudflare, your SSL mode is probably set to “Flexible.” Change it to “Full (Strict).” See Fix WordPress Redirect Loops.

Step 5: Optimize Performance Settings link

In the Cloudflare dashboard, fine-tune these settings:

Speed > Optimization link

• Auto Minify: Enable for JavaScript, CSS, and HTML
• Brotli Compression: Enable (better than gzip)
• Early Hints: Enable (sends hints to browsers about resources to preload)
• HTTP/3 (QUIC): Enable

Caching > Configuration link

• Caching Level: Standard
• Browser Cache TTL: Respect Existing Headers (let LiteSpeed Cache handle this)
• Always Online: Enable (shows cached version if your server goes down)

Page Rules (Optional) link

You can create page rules for specific behavior:

• Cache Everything for static pages: yourdomain.com/about/*
• Bypass Cache for admin areas: yourdomain.com/wp-admin/*
• Bypass Cache for WooCommerce: yourdomain.com/cart/*, yourdomain.com/checkout/*

Cloudflare + LiteSpeed Cache link

If you’re using LiteSpeed Cache for WordPress, both can work together:

1. In LiteSpeed Cache > CDN > Cloudflare API
2. Enter your Cloudflare API Token (create one at cloudflare.com > My Profile > API Tokens)
3. LiteSpeed Cache will automatically purge Cloudflare’s cache when you update content

This way you don’t have to manually clear Cloudflare’s cache every time you make changes.

Security Settings link

Firewall Rules (Free Plan) link

You get 5 free firewall rules. Recommended setup:

1. Block Known Bad Bots:

   • Field: User Agent
   • Contains: SemrushBot or AhrefsBot (if you don’t want SEO tool crawlers)
   • Action: Block

2. Challenge Suspicious Countries (if applicable):

   • Field: Country
   • Action: Managed Challenge

3. Protect wp-login.php:

   • URI Path equals /wp-login.php
   • AND Source IP not in your IP range
   • Action: Managed Challenge

Bot Fight Mode link

Enable Bot Fight Mode in Security > Bots. This automatically challenges traffic that looks like automated bots.

Under Attack Mode link

If you’re actively being DDoSed, enable Under Attack Mode temporarily. This shows a JavaScript challenge to all visitors for 5 seconds before letting them through. Use sparingly because it adds friction for real visitors.

Troubleshooting link

Related Articles link

• DNS Propagation Explained
• SSL Certificates on GoZen Host
• LiteSpeed Cache for WordPress
• Fix WordPress Redirect Loops
• WordPress Speed Optimization
• GoZen Network - our global network infrastructure and peering