how can I use cloudflare? (full explaination)

Cloudflare is most useful dns tool site in the world. cloudflare supports ddos protection and cdn service for free!

Let's learn about cloudflare!

https://cloudflare.com 


First, make an account.

how I setting cloudflare sign up to setting at first ?

1.press the sign up button



2.write your information in cloudflare



3.write your domain(like nesez.net)




4.select your plan



5.press confirm plan button



6.setting dns record



like this, you can get two name server.

you should change name server to cloudflare's nameserver


6-1check nameserver (if you already check-in cloudflare)



6-1.2 press continue button




select your tls/ssl encryption

off:no ssl



flexible:encrypt cloudflare-user not server-cloudflare



full:end to end encryption (you can use non-CA certification)



full(strict):you must use trusted CA certificate or cloudflare's certification



the recommendation about setting is full (strict)


after setting is done, press the save button



the setting about always https. It is simmilar to hsts technology. I recommend turn on always use https

after setting is done, press the save button



this is the convenience service in cloudflare. This function gives you using lower traffic and good performance for user experimence



Let's check all of that.



the setting of brotli. It gives you fast experimence

press the save button



cloudflare gives your setting result in simple summary.

press the finish button



you have to set the nameserver to cloudflare's name server.

If you finished the setting of cloudflare, press the RE-CHECK now button.

The nameservercheck process will be finished in few minutes.

Let's go to cloudflare again.



cloudflare gives you funny functions.

Let's press the Dns button




this function is very simple but very strong.

Let's find out the reason

Press Add record button.



we can make record with many types of record.

A/AAAA/CNAME/txt/ etc...

Let's make a record with A record.



write @ to get root domain record.



Write the ip adress which you want to link with.

Few minutes later, you can see your domain and ip adress is connected.

Next, Let's setting the security settings.




Press the ssl/tls button.



Click Edge Certificates.




Click order advanced certificate.



0/per month:CA is cloudflare and use cloudflare's universal ssl.

10/per month: you can customize ssl CA and settings.


After setting, Let's back to Edge Certificates setting.



change hsts settings. press the change hsts settings button



Check I understand check box. And press next button.



I would check enable hsts.



I will set 12 months.



And apply subdomain settings(like *.nesez.net)



And set preload to get preload setting in browsers(ex.chrome)




And set No-sniff Header.

And press Save button.

And scroll down.



We can see Minimum tls setting. I recommend tls 1.2. Because tls 1.0 and tls. 1.1 don't be supported anymore.


capture:ssllabs/


Like this, tls 1.2 and tls 1.3 is recommended.

And scroll down.



I recommend automatic https rewrites. It is likely to hsts and always https.

Let's move to Origin server.



You can make private key with rsa



you can make origin certificates.

Press Create certificate.



Press next. and look your Origin Certificate and Private key. and press ok button.



And go to Scrape Shield.




Let's check hotlink protection. It will save your traffic.


Thanks for watching and give me reply anything to question or rewrite.

Post a Comment

0 Comments

recent post