Help needed desperately

Hi,

I am working in ngo, non-profit organization. Because of regular ddos-attacks I create a Cloudflare account. There is some errors, I guess it is up to configurations. I ve got these from diagnostic:
Check DS record configuration

Check site speed (TTFB)

slow_ttfb_on_cache
The response was slower than 800ms and the requested resource is cacheable on Cloudflare.

Our site is extremely slow after Cloudflare. Can somebody be my angel and help me?

Could you please share the domain? :slightly_smiling_face:

1 Like

Your initial request is not getting cached by Cloudflare because it is declared dynamic. Therefore you will not see any TTFB improvement for the initial request. Since you are using Wordpress, Cloudflare does offer a product, that exactly addresses this problem: APO

Cloudflare is not the problem. I tried hitting your origin directly and the request is just as slow. If your website is static, you could create a Page Rule with “Cache Everything” enabled. Otherwise you’ll have to make your origin return a response faster.

1 Like

Hi,

Thank You very much for your help. I have been quite desperate with this issue :wink:

Br,
Eeva

Hi again,

I ve got an error: Page Rule validation failed: See messages for details. (Code: 1004)
I tried to create Page rule of our domain and set cache level cache everything.

Are those nameservers still probagating?

Could you send a screenshot of rule you’re trying to create?

I don’t think so. But you need to block connections that don’t come from Cloudflare IP ranges - otherwise people can bypass Cloudflare using your origin IP from Historical DNS.

Hi,
I am still wondering is it easier to buy APO or should I block those connections anyway?

You always need to block connections that don’t come from Cloudflare IP ranges no matter what add-on products you’re using. AOP can provide speed improvements for WordPress sites but it does nothing in terms of security afaik.

This is quite challenging. I am using Wordfence in the Wordpress and I have blocked there some countries. Do I have to block also in Cloudflare?

I am not talking about Cloudflare Firewall. You must configure the firewall on your origin server to only allow connections from Cloudflare IP addresses. Otherwise attackers can send requests directly to your origin server and bypass Cloudflare’s DDoS protection.

Sorry I am so newbe. We have shared hosting, so is it possible?

Maybe. Maybe not. You would have to ask your hosting provider.

The answer was clear not.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.