Signing up for Cloudflare¶
First you'll need to have access to an account created at www.cloudflare.com.
When you log into the account you should be greeted with a box that requests a name to be entered into the "Enter comma-separated domain names" box.
Enter a relevant name here and click on "Begin Scan"
Once this is done, you will need to compare the scanned records with the records that the current DNS server has.
This means that you will need access to the current DNS provider.
If the client is unsure who this is, you can run the following command, which should give you an idea
dig www.domain.com NS
Which should return something like this
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
; <<>> DiG 9.11.1-P3-RedHat-9.11.1-2.P3.fc26 <<>> www.domain.com NS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9422 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.domain.com. IN NS ;; ANSWER SECTION: www.domain.com. 2688 IN NS ns2.livedns.co.uk. www.domain.com. 2688 IN NS ns1.livedns.co.uk. www.domain.com. 2688 IN NS ns3.livedns.co.uk. ;; Query time: 26 msec ;; SERVER: 184.108.40.206#53(220.127.116.11) ;; WHEN: Wed Oct 18 14:18:57 BST 2017 ;; MSG SIZE rcvd: 116
In this case livedns.co.uk is being used as the nameserver, which is controlled by fasthosts.
Once you have visibility of the records with the current DNS provider, you need to go ahead with the comparison.
If you need to change anything to the Cloudflare records, simply click on what you need to edit.
If you need to add a record, then use the drop down box at the top of the records list to pick then type and then insert the relevant info.
Once you are happy then continue.
You should now see a selection of plans. Chances are you are going to want to go with the free plan. Continue on with whatever you need to choose.
You will now be presented with a list of nameservers. The left nameservers are the ones that are currently in use on the current dns provider. You need to access the current DNS provider and change these nameservers to the ones in the right column.
Once this is done hit continue.
That's it. You will now be on a page that lets you know the current status of the changes and to allow 24 hours for it.
Integration with Magento 2¶
- Sign up or Sign in using client Magento Marketplace account
- Download Cloudflare extension via here
Enabling Web Application Firewall¶
To enable Web Application Firewall
- Login to your Cloudflare account
- Click on your domain
- Click on Firewall
- Scroll down to see the "Web Application Firewall" tab and click "On"
- Enable rule for Magento from "Package: Cloudflare Rule Set", and any other rules that seems to be reasonable.
- Enable rules from "Package: OWASP ModSecurity Core Rule Set", the seems reasonable also.
- Set OWASP sensitivity to "Low" as that is the recommendation from Cloudflare themselves