Cloudflare APO is a CDN optimization service for website building platforms like WordPress. As of now, this service is only available for WordPress sites. Cloudflare took into account the difficulty of serving dynamic HTML contents from the CDN and the solution they come up with is called Automatic Platform Optimization (APO). We contacted Cloudflare and they’re looking at fixing CF-Connecting-IP, since it isn’t showing the correct visitor IP. We recommend turning off the new Cloudflare APO feature temporarily. You should be able to turn it on again after the issue is fixed, but we haven’t heard an estimate on when that will be yet. With Automatic Platform Optimization (APO) Cloudflare will serve your entire site from our edge network, ensuring that customers see improved performance when visiting your site. Typically Cloudflare only caches static content, but with APO we can also cache dynamic content like HTML so the entire site is served from cache. Cloudflare notes that its testing shows that for HTML Time to First Byte (TTFB), APO provides consistent load times of less than 400ms. The results of using APO are similar to hosting static files on a CDN, but without a complex tech stack having to be handled. Cloudflare Automatic Platform Optimization (APO) is an initiative to optimize the delivery of websites that are built with different platforms like WordPress from the CDN of Cloudflare. For now, it is only for WordPress as this is a very new service.
What this plugin can do for you
Automatic Platform Optimization (APO)
Take your WordPress site’s performance to the next level with Automatic Platform Optimizations (APO). APO allows Cloudflare to serve your entire WordPress site from its edge network ensuring consistent, fast performance for visitors no matter where they are. Find out more in our announcement blog.
One-click WordPress-optimized settings
The easiest way to setup Cloudflare for your WordPress site. Let us configure Cloudflare with the tried and true settings for an optimal experience.
Bts official twitter. Web application firewall (WAF) rulesets
Available on all of Cloudflare’s paid plans, the WAF has built-in rulesets, including rules specifically tailored to mitigate WordPress threats and vulnerabilities. These security rules are always kept up-to-date, once the WAF is enabled, you can rest easy knowing your site is protected from even the latest threats.
Automatic cache purge on website updates
If you don’t take advantage of the performance benefits of Automatic Platform Optimization for WordPress, using the Cloudflare plugin still ensures that changes to the appearance of your website purge the cache. This means that you can focus on your website, while we ensure that the latest static content is always available to your visitors.
Additionally, Cloudflare’s plugin for WordPress automatically refreshes the Cloudflare cache of static content for each post/page/custom post type when you update the content.
Header rewrite to prevent a redirect loop when Cloudflare’s Universal SSL is enabled
Change Cloudflare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization
View analytics such as total visitors, bandwidth saved, and threats blocked
Support for HTTP2/Server Push
Make sure your PHP version is 7.2 or higher.
From your WordPress Dashboard
- Visit “Plugins” → Add New
- Search for Cloudflare
- Activate Cloudflare from your Plugins page.
- Download Cloudflare
- Upload the “cloudflare” directory to your “/wp-content/plugins/” directory, using ftp, sftp, scp etc.
- Activate Cloudflare from your Plugins page.
- Go to https://dash.cloudflare.com
- Login with your cloudflare account. If you don’t have a Cloudflare account, first sign up for Cloudflare.
- Navigate to the API Tokens section of the user profile (found in the top right corner of the dashboard).
- Select ‘Create Token’
- Select the ‘WordPress’ Template
- Select the Account and Zone to grant the plugin access to
- Then select “Continue to Summary” and “Create Token”
- Copy your API Token
- Return back to WordPress Cloudflare Plugin page
- Enter your email address and paste your API Token
- Press Login.
Do I need a Cloudflare account to use the plugin?
Yes, on install and activation of the plugin, first time users will be asked to enter their email address (used to sign-up for an account at cloudflare.com) and either an API Token or their API key. This is needed to support all the features offered by the plugin.
What settings are applied when I click “Apply Default Settings” in Cloudflare’s WordPress plugin?
You can review the recommended settings that are applied here.
What do I do if Cloudflare does not detect the WordPress plugin for use with APO (Automatic Platform Optimization)
APO works best when the WordPress plugin is used. We do not recommend using APO without the plugin installed. If you face issues with Cloudflare detecting the plugin then follow these steps:
1. Go to Cloudflare WordPress plugin
2. Disable APO in the card
3. Enable APO in the card (will set proper settings for APO feature)
4. Clear any server cache used via other plugins (WP Rocket being an example)
5. Verify that your origin starts serving response header “cf-edge-cache: cache,platform=wordpress”
You can read more about APO with WordPress here
Does the plugin work if I have Varnish enabled?
Yes, Cloudflare works with, and helps speed up your site even more, if you have Varnish enabled.
Cloudflare APO is very new but super important. This Cloudflare APO review is all about how it will impact the delivery of WordPress sites from its CDN. If you are using both Cloudflare and WordPress, this is going to get your attention.
It is now possible for WordPress sites to fully take advantage of Cloudflare’s CDN. From reducing the TTFB to the total load time of your website, everything is now a breeze with Cloudfare APO. Keep reading to know why I already like this one.
What Is Cloudflare APO
Cloudflare Automatic Platform Optimization (APO) is an initiative to optimize the delivery of websites that are built with different platforms like WordPress from the CDN of Cloudflare. For now, it is only for WordPress as this is a very new service.
But don’t take the naming too seriously like thinking that APO is a complete WordPress optimization solution similar to LiteSpeed Cache, WP Rocket, and other plugins. Because that’s not how APO works. APO is only a CDN specific optimization solution for WordPress, not content specific optimization solution. For instance, Cloudflare APO wouldn’t give you image optimization, that’s another paid service. You won’t also get services like generating critical CSS in APO that you would have in LiteSpeed Cache, WP Rocket, or other WordPress optimization plugins.
However, you already get some optimization features built into Cloudflare like HTML, CSS, and JS minification, Brotli compression, asynchronous loading of JS files using Rocket Loader, and so on. These optimizations aren’t specific to WordPress but can be used with any sites. Those optimization features may be free or paid but they are completely separate from APO and so aren’t included as part of the APO.
Cloudflare Edge Cache
Cloudflare APO Features
Cloudflare APO adds some very useful features that are necessary to serve WordPress sites from their CDN. Previously, you would face many problems when serving dynamic HTML files from their CDN. But with the feature set of Cloudflare APO, you now get to do that with so much ease. Here are the most important features of Cloudflare APO that can be super helpful for your WordPress site.
Bypass Cache for Logged In Users
You have probably already seen your name on the corner of your screen when browsing a website like say Facebook. It knows your name because you have logged in to that platform. The website, therefore, needs to show a different name for everyone.
However, if a CDN caches what you see on your screen and delivers it to everyone else, everyone will see your name on the screen instead of theirs. That’s why caching logged in visits can cause a big problem for a website.
In the case of WordPress, this feature is very necessary because you need to be logged into your WordPress site to write any contents or to make almost any changes. So, you see many additional options on the site which others don’t. But if your logged-in visit is to the website gets cached and delivered to everyone else, it will be a disaster. The same is also true for the opposite. So, if a non-logged-in user’s visit is cached and delivered to you when you are logged in, you won’t see all the additional options you see on your WordPress site when logged in. This will also be a big problem.
Cloudflare APO will solve this problem because of its bypass cache for logged-in users feature. This way, when logged in, your visit to the site will be served directly from your origin web server and not from the cached files of Cloudfare CDN.
Bypass Cache on Cookies
But what does this bypass cache feature do and does it even help your website?
Bypass cache on cookies will allow your visitors to see the right content that is meant for them. For instance, when you browse an online store, you will have your own items in the shopping cart, right? But if a CDN caches the cart page that you see and delivers it to everyone else, everyone will then see the will see your cart items on the cart page instead of seeing their own.
You see the users don’t necessarily need to be logged in to add items to their cart but their visit can’t still be served from the cache. And cookies are the thing that are used to identify each user differently based on their specific conditions like whether they are logged in, whether they have items in their cart, and many other conditions.
So, this sort of problem of delivering the wrong content to visitors can be fixed using the bypass cache on cookies feature. Therefore, this is a great addition in Cloudflare APO.
This bypass cache on cookies feature was previously available only from their $200/month business plan. But now you get it for just $5/month for WordPress sites as part of APO. That’s a bargain, right!
But if you just run a blog website or a simple business website where people don’t need to see specific content based on their individual scenario, you won’t find this feature very useful.
There are many plugins on WordPress that are dependent on cookies to deliver the right content to the right people. And identifying these cookies and delivering the content accordingly is therefore very necessary. However, you can’t just bypass cache for all cookies because there may be a cookie present on all your webpages. And in that case, your website will never be served from the cache. That’s why it is necessary to specify a cookie list for which the cache will be bypassed.
Cloudflare maintains a list of such selected cookies for which the cache will be bypassed. However, you won’t be able to add anything to this list. So, you will need to rely on their list of cookies. That’s why can check if your plugin works well with Cloudflare APO before starting to use it.
Below is a current list of the supported WordPress plugins by Cloudflare APO which have been tested to work well.
Following is the current list of WordPress plugins that have been reported to cause issues with Cloudflare APO.
* Be sure to check for the plugin compatibility of Cloudflare APO on their site because they will keep updating this list as they work on this even more.
Cached Response for Query Parameters
Other than the aforementioned two features, Cloudflare APO will serve cached contents for pages with specific query parameters. Query parameters are generally used to serve dynamic contents. So, when there are any query parameters present on an URL, Cloudflare APO will bypass the cache so that the right users can see the right contents.
However, not all query parameters are used to mean dynamic contents. For instance, when you click on a link from say Facebook, the link will automatically have a query parameter that is used for tracking but not for indicating dynamic contents. Query strings are also used for tracking purposes in marketing campaigns and so those query strings also don’t indicate dynamic contents.
That’s why the webpages render the same with or without these query strings. So, you can safely serve cached contents where these query parameters are present on the URL. And as you know serving cached contents from CDN can largely improve your website speed. So, you will be better off serving cached contents for these types of query parameters.
Cloudflare APO delivers a solution to this by supporting some query parameters for which cached files will be delivered and for any other query parameters cache will be bypassed. This way even when people click on your link from Facebook, Google, or when the link has a tracking parameter for your marketing campaign, Cloudflare can still serve cached contents without worrying about serving the wrong contents to the visitors.
Here is a list of the supported query parameters by Cloudflare APO.
Caching of External Scripts
Another feature you can count as part of APO is caching/storing external scripts in Cloudflare’s CDN. So, that those files can be delivered faster. This is a good to have feature but not as significant to the others mentioned earlier.
Cloudflare APO Review Conclusion
Cloudflare APO adds some important features necessary to deliver dynamic HTML files from its CDN. Its feature of bypassing cache for logged in users and on specific cookies, and delivering cached response for selected query parameters are game-changing. This will allow the delivery of the right contents to the right visitors and also the delivery of as many cached contents as possible.
Because of the Automatic Platform Optimization, Cloudflare’s CDN is now optimized for delivering entire WordPress sites from the CDN. Though it will still need many improvements for compatibility with many plugins, it is the right step forward.