Cloudflare and Joomla Recommended First Steps
These basic steps will help reduce common areas of confusion for Joomla users that are new to the Cloudflare services. In addition, these steps are very quick and will generally take you only a few minutes of your time to help you make your experience using Cloudflare better.
Restore visitor IP by following the directions in this article. Since Cloudflare acts as a proxy for sites using our network, Cloudflare's IPs are going to show in your logs, including comments, unless you install something to restore the original visitor IP.
Why should you restore visitor IP?
If you receive a lot of comments or spam on your blog, you may mistakenly believe that Cloudflare is spamming you. Some other Joomla plugins or extensions may also rely on the original visitor IP for the services to work properly and reduce false alerts.
Create a Page Rule to exclude the Joomla admin or Joomla login sections from Cloudflare's caching and performance features.
Why do this?
While there is not always an issue, we have seen instances where optional performance features like Rocket Loader may inadvertently break certain functions (editors, etc.) in your Joomla back end.
You can use WAF custom rules to skip certain security features for IP addresses you want traffic from or expect traffic from. Some common services you probably want to allow include:
- APIs you are getting data from
- Monitoring services you use to monitor your site's uptime
- Security services
- IP addresses you frequently log in from
Why do this?
If you have enabled and configured Cloudflare's Web Application Firewall, legitimate services and/or you may get challenged while accessing your backend. To prevent issues on your site, consider skipping certain security features for requests coming from known IP addresses.
If you are using services like .htaccess, firewalls or server mods to manage access to your site from visitors, you must ensure that requests from Cloudflare's IP ranges ↗ are not being blocked or limited in any way. The number one cause of "site offline" issues in Cloudflare's support channel is something blocking or restricting requests from Cloudflare IPs. To prevent this, ensure that all of Cloudflare's IPs are allowed on your server.
Why do this?
Prevent false offline messages from appearing on your site to you or visitors.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark