I have a client that is using ecwid.com for Ecomm. Ecwid actually has the Ecomm URLs on its own server, but you install a Wordpress plugin and it looks like is is coming from your own store on your own server. A few problems have presented itself with a couple of them being we can’t cache the entire store through w3 Total Cache since since she has 9000+ products and it will cause the server to use high resources and the other issue is that Ewcid itself uses Cloudfront to deliver product images and possibly the content itself.
My question is how I should optimize Cloudflare to deal with the above challenges?
Despite of not knowing the capabilities of the origin host/server of ecwid provider, in terms of a W3TC, and despite this might be a question for StackExchange forums, but from my experience with, you would have to make sure and enable:
configure web server (Apache or Nginx or some other) → PHP tuning + PHP-OPCache (Zend)
Page Cache: Disk
Browser cache (configure per need)
Database cache: Memcached
Object cache: Redis
exclude cookie cache and pages like cart/account/checkout at W3TC due to the WooCommerce (if not by default)
Despite all of that, there is an option to use Page Rules and set Cache Level: Cache Everything and Origin Cache Control: On.
But, you still might end-up having cached webpage of a logged-in “admin user” and other normal visitors could end up seeing exactly that HTML webpage cached → this is not good.
Even the cached logged-in user (on some product/category?) and registered customers who might end-up having the same products - different than which they selected - in their cart, etc.
To solve this at Cloudflare end, the only thing which comes to my mind right now would be to use the feature called Bypass Cache on Cookie on a Page Rule (which requires at least a Business plan).
Bypass Cache on Cookie (Business and Enterprise plans only) — APO applies custom bypass cookies in addition to the default list.
Or, I might be wrong about this, and if you purchase a Pro plan and enable APO, this is obviously working? → I haven’t tested it yet, but as far as I see wp/wordpress/woocommerce at the list from below link:
But, if so, Pro plan + APO and without W3TC plugin → you cannot use W3TC with APO in combination as far as I know from my question back a year ago? - maybe something has been done?:
Otherwise, if your client’s website/webshop has got a lot of “normal web traffic”, think about getting a better origin host/server which could handle all that (cpu, ram, nvme ssd, dedicated 1gbps link, bandwidth).
Use tips how to block bad bots and bad ASNs, or even requests from specific countries at Cloudflare using Firewall Rules/IP Access Rules, configure security options, enable WAF and Managed Rules (requires Pro plan), have captcha at checkout/registration page and I believe you are good to go.
Enable optimizations like Polish and Mirage → requires Pro plan.
including available options like Brotli, HTTP/2, HTTP/3, 0-RTT, Rocket Loader, Auto Minfiy …