Cloudflare sits in front of your website as a free content delivery network and security layer — caching your content around the world, filtering out malicious traffic, and often speeding up load times. Connecting it to a cPanel-hosted site is a DNS change done carefully. Here’s how to set it up right.
What Cloudflare actually does
When you route your site through Cloudflare, visitor requests hit Cloudflare’s network first. Cloudflare serves cached content from a nearby location (fast), blocks a lot of bad traffic before it reaches your server (secure), and only passes genuine requests through to your hosting. Your server does less work, and visitors get quicker responses. The core service is free.
The setup, step by step
- Create a free Cloudflare account and add your domain.
- Cloudflare scans your existing DNS records and imports them. Check this list carefully — make sure your website’s A record and, crucially, your email-related records (MX and mail) all came across. Missing records break things.
- Cloudflare gives you two nameservers.
- At your domain registrar, replace your current nameservers with Cloudflare’s.
- Wait for the change to propagate (minutes to hours). Cloudflare emails you when your domain is active.
The critical point: don’t break your email
This is where people go wrong. When Cloudflare imports your DNS, your website’s record should be “proxied” (the orange cloud), but your mail records must stay unproxied (grey cloud). Cloudflare only proxies web traffic, not email — if you accidentally proxy your mail record, your email stops working. Leave MX and mail-subdomain records set to “DNS only”. Double-check this before and after the switch.
Keep SSL working
You’ll have SSL on two legs now: between the visitor and Cloudflare, and between Cloudflare and your server. Set Cloudflare’s SSL mode to Full (or Full Strict) so it uses your server’s existing certificate for the back-end connection. Setting it to “Flexible” can cause redirect loops with a site that already forces HTTPS, so avoid that mode if your hosting has its own certificate — which ours does via AutoSSL.
Useful settings to enable
Once active, a few Cloudflare settings are worth turning on: Auto Minify and Brotli compression for faster loads, Always Use HTTPS to force secure connections, and the caching options to serve more content from Cloudflare’s edge. Start conservative and enable more as you confirm your site behaves.
Watch out for caching confusion
With Cloudflare caching your content, remember there’s now an extra cache to clear when you make changes. If an update won’t appear, purge Cloudflare’s cache (from its dashboard) in addition to any caching plugin on your site. Our guide on clearing caches covers the full list.
When you’d want this
Cloudflare is especially worthwhile if your audience is spread across regions, if you’ve faced attacks or heavy bot traffic, or if you simply want a free performance and security boost. The main risk is misconfiguring DNS during setup — particularly email records. If you’d like us to handle the Cloudflare setup and make sure your email keeps working, just open a ticket. We do this regularly.