Cloudflare sits between your visitors and your website, speeding it up with a global cache and shielding it from attacks. The free plan is genuinely useful for small businesses — but the dashboard is full of switches, and a few wrong ones can take your site or email offline. Here is the plain-English version.
What Cloudflare actually does
- CDN / caching: serves your images and files from a server near each visitor, so pages load faster worldwide.
- Security: blocks malicious bots and absorbs DDoS attacks before they reach your server.
- Free SSL: provides an HTTPS certificate so your site loads securely with the padlock.
- DNS: a fast, reliable place to manage where your domain points.
The right way to set it up
You point your domain's nameservers to Cloudflare, then Cloudflare imports your existing DNS records. This is the step that breaks email — if your mail (MX) records or SPF/DKIM aren't imported correctly, your email stops arriving. Always verify them after setup with our free email deliverability checker and DNS health checker.
Settings worth turning on
Always Use HTTPS, Auto Minify, Brotli compression, and a sensible caching level give you most of the speed and security benefit. Set SSL mode to Full (strict) — not Flexible, which can cause redirect loops. Check your security headers afterward with our security headers checker.
Settings that quietly break sites
Aggressive caching can serve stale pages; "Rocket Loader" can break JavaScript; and proxying (the orange cloud) on mail or FTP records will break those services. When in doubt, leave the orange cloud off for non-web records.
Let us set it up for you
We configure Cloudflare correctly — speed, security, SSL, and DNS — without breaking your email, as part of our hosting and security work. Ask us to handle it.