Setup the domain with Cloudflare.

  1. Add domain to WMS Cloudflare account. From the page you’re on after logging in to Cloudflare, click the “+ Add a Site” button. Enter the domain name and click the “Add Site” button.
  2. On the next page, select the plan you want (this would normally be the Pro plan), then click the “Confirm Plan” button.
  3. Cloudflare will attempt to import any existing DNS info there may be from the pre-existing nameservers (there may not be any). When it’s done importing, it will present a DNS maintenance page.
  4. You will need to confirm / create / change the DNS records so there are three entries:
    • Click “+ Add a Record”, and create a new record with type “A”, name “@”, and IPV4 address equal to the address of the server this site will reside on. The TTL should already be set to “Auto”, and the proxy status should be “Proxied” with the orange cloud visible. When complete, click “Save”.
    • Click “+ Add a Record”, and create a new record with type “CNAME”, name “www”, and target “@”. The TTL should already be set to “Auto”, and the proxy status should be “Proxied” with the orange cloud visible. When complete, click “Save”.
    • Click “+ Add a Record”, and create a new record with type “CNAME”, name “staging”, and target “@”. Click the orange proxy status cloud, which should change to “DNS Only”. The TTL should already be set to “Auto”. When complete, click “Save”.
  5. Click the “Continue” button, which will take you to the “Change your nameservers” page.
  6. Change the nameservers at the customer’s registrar. The procedure will vary depending on what service they use. When finished, click the “Done, check nameservers” button. If everything worked you will go to the “Quick Start Guide” page. Click the “Get Started” button to continue.
  7. For the Quick Setup on Free plans:
    • (Free) Set Automatic HTTPS Rewrites to “On”.
    • (Pro) Set SSL Encryption Mode to “Full (strict)”.
    • Set Always Use HTTPS to “On”.
    • Set Auto Minify on for Javascript and CSS.
    • Set Brotli compression to “On”.
  8. Click “Finish”. This will most likely take you to the “Complete Your Nameserver Setup” page because your nameserver changes have not propagated throughout the DNS system yet. Just be patient.

  1. Go thru the toolbar and change these settings:
    1. On SSL, SSL/TLS Encryption Mode to “Full (strict)”.
    2. (Pro) On Firewall > Managed Rules, turn on Web Application Firewall.
    3. (Pro) On Firewall > Managed Rules, in the OWASP section:
      1. Set the Sensitivity to “Medium” and the Action to “Block”
      2. Turn on the WordPress, SQL Injection, and URI XSS Attack rulesets.
    4. (Pro) On Firewall > Managed Rules, in the Cloudflare Managed Ruleset section:
      1. Turn off Flash
      2. Turn on Miscellaneous
    5. On Firewall > Firewall Rules, create 5 basic firewall rules.
    6. (Pro) On Speed > Optimization, set Polish to “Lossy”, and check WebP
    7. On Network
      1. Turn on HTTP/3 (QUIC)
      2. Turn on 0-RTT Connection Resumption