Protecting Your October CMS Website With Cloudflare

Protecting Your October CMS Website With Cloudflare

Introduction

Today, I will show you some of the ways we protect October News with the power of Cloudflare. For those who don't know about Cloudflare, it's basically a gatekeeper between internet visitors and your website. Think of it like a gated community and that those entering must go through the security gate first. This way, your own servers don't have to work as hard in protecting your site. Some of the most notable features that Cloudflare offers are DDoS protection, a fast CDN, a secure DNS, and so much more! Did I mention these are also available on the Free plan? 🤯

Using SSL/TLS Encryption

Full strict SSL/TLS encryption active

October News uses the Full (strict) option to enable end-to-end encryption between our servers and Cloudflare's network. This ensures that all traffic is safe and secure on both ends. While not entirely crucial to have for a site like this (which does not handle payments or any personal information other than email addresses), we believe that security should be the number one priority in keeping your websites safe from attackers. You can learn more about Cloudflare's SSL/TLS encryption here.

Using DNSSEC

DNSSEC active and protecting october-news.com

The Domain Name System Security extensions, DNSSEC for short, verifies that all instances of "october-news.com" get converted to the actual IP address that it was assigned to. Rarely does an event occur where hackers are able to modify and redirect users to malicious sites on the DNS level, but it can happen to anybody. According to Namecheap, DNSSEC is "aimed at strengthening trust in the Internet by helping to protect users from redirection to fraudulent websites and unintended addresses." You can learn more about the importance of DNSSEC over at the Namecheap Knowledgebase.

Using Firewall Rules

3 active Firewall rules

Here, you'll see that October News uses firewall rules that either allow or block visitors under certain conditions. One of which we called "Malicious Protection" that blocks unwanted visitors from trying to access our backend dashboard. Unfortunatly, the specifics of this will remain confidential in order to protect October News and everyone visiting our site. Let's just say, if you ever see this message on our site (see screenshot below), it's Cloudflare's firewall at work.

Error 1020 access denied

In the free plan, Cloudflare allows for a maximum of five firewall rules to work with. We've only used three firewall rules and that's all we really needed to secure the website from harmful bots and attackers.

Cloudflare Access

Cloudflare access with Google login method

Cloudflare Access makes it easy to protect the important pages of your site by authenticating via a third-party login method. In our case, the backend requires authentication through a Google account. This ensures that only authorized users are able to access the backend of our site. You can see this in action for yourself at october-news.com/backend. But be warned as we're able to see who tried to gain access.

While this kind of protection isn't really necessary for October CMS websites, it does give us a peace of mind knowing that Cloudflare has our site protected from the unknown.

Hidden Security

While not noticable at first, Cloudflare will also mask our server's origin IP address from public view. So all internet traffic must go through Cloudflare first before ending up on our site. This ensures that DDoS attacks are detected and are promptly resolved by Cloudflare, if this sort of event ever occurs.

Conclusion

We hope that you'll take security very seriously when it comes to deploying websites, especially October CMS websites. Getting hacked can and will lead to severe consequences to you and your site. Cloudflare provides all the protections, that I mentioned, in their free plan. So there's really no reason you shouldn't have a secured website from the start. Cloudflare is one of many services, so it's up to you to decide if Cloudflare is the best fit for your site.

Disclaimer

This post is NOT sponsored or affiliated with Cloudflare in any way. This is my honest "review" of Cloudflare. If you found this information helpful, let us know on social media! ✌️