Joomla Blog

Tutorials, reviews, case studies and other tips to help website owners and website developers master the Joomla content management system.

CloudFlare Brings Joomla Optimization and Security to the Rest of Us

Posted by on in Review
  • Font size: Larger Smaller
  • Hits: 32723
  • 0 Comments
  • Subscribe to this entry
  • Print

I have to admit that I ended up far more impressed with CloudFlare than I expected. The main drawback for me was not having control of DNS myself, but this has become a non-issue so far. As long as CloudFlare improves and remains stable and secure as a company, I don't see this as being a problem. So far, the benefits outweigh the negatives by far.

Web security is such an important topic, but it's often far too technical for those web developers that are drawn to Joomla specifically because it's relatively easy to setup and use. Just as Joomla hides much of the inner workings of a website, CloudFlare hides the layers of optimization and security.

CloudFlare is basically a CDN provider, but the fact that they also filter traffic before it ever hits your site is a great benefit. We've written on CDNs previously, and they were discussed in one of our recent webinars as well. CDNs, or Content Delivery Networks, cache your static content and serve it from their highly optimized servers based on the geographical location of each of your visitors. But CloudFlare is not a typical CDN.

What makes CloudFlare different from other CDN providers is the overall package they provide and the ease of setup involved. For instance, CloudFlare also provides security services that are basically crowdsourced by their community. They use well know IP address stats for blacklisting, but they also allow some of the web developers in their community to report on bad addresses and users so they can ban them or force stronger checking across their entire network. For instance, if people start having a problem with one specific IP address, anyone from that IP address accessing any site in CloudFlare's network will be presented with a Captcha challenge before they have access to the requested site. Proof that there's "power in numbers."

CloudFlare's traffic filtering can be great if you're on an already busy server or if you're charged for bandwidth. If the well known internet bad guys never make it to your site, you never have to pay for their bandwidth again.

CloudFlare also provides some very interesting analytics. With the site I tested for this article, after the first day I could already see what threats were stopped and what search engines had the site indexed, among other more common stats. They do have a great looking dashboard, even at their basic level, which is free.

 

cloudflare-analytics1

 

 

cloudflare-analytics2

 

For testing, I used a basic YOOTheme template which features Warp as the Framework. The site includes very little content, but does have a contact page, is running a Kunena forum and includes a very unoptimized main image on the home page. To start, I ran the site through GTMetrix.com, our testing site of choice. I then re-ran the test after setting up CloudFlare, and again after enabling basic Joomla optimization. The results are shown below.

But first, let's talk about that dead simple setup.

  1. Sign up at CloudFlare.com
  2. Enter your website's URL when prompted
  3. CloudFlare scans your site for DNS records - click continue when done
  4. Check all DNS settings on the next page
  5. Set performance and safety settings as prompted
  6. Change your nameservers at your current domain registrar to CloudFlare servers

Checking the DNS records scanned by CloudFlare may be the hardest step in setting up. If you aren't completely clear on what your DNS settings should be you have two choices. Examine your settings on your existing server and match them exactly, or trust CloudFlare and try to fix things later if you have any problems. As a note, I did also get an SSL warning that made me think a bit. It may have been because I have an SSL certificate on another site on that server. I successfully moved on with no problems, but if you do need SSL services, you'll have to opt for the paid version of CloudFlare.

On another, much more heavily visited, site we also noticed some issues with visitors receiving errors until we whitelisted some IP ranges provided by CloudFlare, so keep that in mind if you decide to give it a try. There is also a Joomla Extension available that may help with IP tracking, but it was not included for this test.

So, anxious to see results?

 

gtmetrix-grades


Base Test

67 - D - Page Speed
69 - D - Yslow


After Cloudflare

75 - C - Page Speed
89 - B - Yslow


After CloudFlare + Basic Joomla Optimization

97 - A - Page Speed
98 - A - YSlow

I was pretty stunned to see two A grades from a Joomla site. I'm pretty conscious not to focus solely on the grade when optimizing a Joomla website, but getting two A grades without even trying hard is impressive to say the least.

Relying on a third party when it comes to optimization, security or any other highly important aspect of running a website always carries some risk. You're trusting that they are doing things right on their end, and that their business will be around for a good long while.

CloudFlare so far feels like a great solution for easy optimization and security for a Joomla website. The fact that they have a free level makes it even better. If you decide to check out the service, let us know what you think about the process and the results in the comments below.

Rate this blog entry:
Build A Joomla Website writer and moderator, lover of CSS...waiting for hockey season to start again.

- Is responsive web design all it's cracked up to be?

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Wednesday, 22 October 2014