If the URL matches > example.com/*
Choose "Forwarding URL" from the "Pick a Setting" drop down menu
Select status code > "301 Permanent Redirect"
Enter destination URL > https://www.example.com/$1
Save
IMPORTANT: Also create a CNAME record in DNS: www > example.com
Disabling Cloudflare Features on WordPress Admin Pages
If the URL matches > *example.com/wp-admin/*
Select "Bypass" for "Cache Level"
Add "Disable Performance"
Add "Disable Security"
Save
Security > WAF
Rate Limiting Rules on Login
Click "Protect your login"
Enter your login URL > *example.com/wp-admin/
Deploy
Click "Protect your login"
Enter your login URL > *example.com/wp-login.php*
Deploy
Firewall Rules for Foreign Visitors
Create firewall rule
Rule name > any words
When incoming requests match
Field > Country; Operator > does not equal; Value > United Status
Then, Choose an action > Managed Challenge, Save
Firewall Rules for Trusted IPs
Go to Manage Account > Configurations > Lists
Create new list
Type any words in List name, such as “trusted_ip", Content type > IP Address, Create
IP Address > input your IP address, Add to list.
Create firewall rule
Rule name > any words
When incoming requests match
Field > IP Source Address; Operator > is in list; Value > the list name from above
Then, Choose an action > Allow, Save
Speed > Optimization
Automatic Platform Optimizations for WordPress
Install and activate the Cloudflare WordPress plugin
Create the API token from Cloudflare
Add the API token to Cloudflare WordPress plugin
Enable Automatic Platform Optimizations and Cache By Device Type
Go to Caching > Configuration > Purge cache > Purge Everything
