Cloudflare + DreamHost + Drupal - A User's Experience


I've used DreamHost as my hosting service for many years now. They've always been reliable, helpful, and never had much of any kind of problem with their service. A few years ago, they partnered up with CloudFlare, allowing some seamless integration and communication between the two services (as well as offering a reduced Plus membership if you so wanted to), but I never really tried CloudFlare, until this weekend. Here is my experience with switching CloudFlare on, and getting it working on my site.

DreamHost made it very easy to set up the domain or sub-domain that you want to use CloudFlare on. You simply check the box saying that you want CloudFlare on, fill in your CloudFlare account information, and select whether you want to use the Free Service or the paid service. Since my site is relatively small, with not a whole lot of traffic, I didn't really see the need to have the paid service. So I did all of this, and made sure that my CloudFlare account was set up and verified, and it seemed like all was good to go... except, it wasn't. There were some things I had to do and change to make it work.

First, I had to add on WWW to my top domain.

Typically, I never really liked the 'www' on my site names. I always preferred them to not be there. But using CloudFlare through DreamHost, I had to have it on. Ok, that wasn't a big deal. It did mean, though, that my site was down for a while / things were not working quite as they should while DNS had to re-propagate, but it wasn't too long before it was up and running. With that set, I went about and set up / installed the needed Drupal modules to have it talk with and connect with CloudFlare. Thankfully, setup was relatively straightforward. After using composer to install the module (as well as the additional purge modules talked about in the 'Getting Started (Free)' documentation), enabling it, and setting the necessary variables, everything was connected and was showing green in the status messages. Things were looking up!

That is... until I started to test in non-cached browsers. That is where I was seeing 403 error pages everywhere, and when I went to specific pages, their PHP code was on full display! I was absolutely puzzled. Why was this happening? After turning things off and back on again, and triple-checking that I had all the right settings and permissions (I hadn't even fully started to play with the advanced settings in CloudFlare; this was the straight out-of-the-box experience), I was running into a wall. I was able to pinpoint that the problem was definitely with CloudFlare, and not DreamHost or Drupal, as it was affecting all domains, not just Drupal ones.

After some googling, I was able to find a really old community thread on CloudFlare stating the exact same problem, and the solution was their SSL/TLS certificate setting. By default, when you add a site to CloudFlare, its setting is set to 'Flexible'. I had to change it from 'Flexible' to 'Full (Strict)'. Once I did that, everything began working! I did notice in the original thread that this was a problem and solution specifically for DreamHost + CloudFlare sites. I sure do wish this was documented somewhere officially, as this would have saved me hours of investigation and headache!

Once I was able to have that solved, everything seems to be running great. I am noticing that the site cache and loading is much better, however there are some paths that should not be cached by CloudFlare, as I'm discovering, and the free version of CloudFlare only allows me a maximum of 3 rules to avoid this. The Plus version of CloudFlare given through DreamHost offers up to 10 rules, plus some additional features, for only $9.95 / month. Is this worth it? Maybe, if you have multiple people working and creating content on your site, or if you need more security and analytics outside of what is offered for free.
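As an added example (not from the original post or from any of the projects it mentions), here is a small smoke check for the symptoms described above: 403 pages, PHP source served as text, and edge-cached responses on paths that should bypass the cache. The path prefixes in `NO_CACHE_PREFIXES` and the sample responses are assumptions constructed for illustration; `CF-RAY` and `CF-Cache-Status` are headers Cloudflare adds to proxied responses.

```python
import re
import urllib.error
import urllib.request

# Assumption: Drupal paths that should never be served from the edge cache.
NO_CACHE_PREFIXES = ("/user", "/admin", "/node/add")
# Raw PHP open tags; "<?xml" and HTML-escaped "&lt;?php" do not match.
PHP_SOURCE = re.compile(r"<\?(php|=)", re.IGNORECASE)


def audit_response(path, status, headers, body):
    """Return a list of findings for one response to a page expected to be public."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    if "cf-ray" not in h:
        findings.append("not-proxied: no CF-RAY header, response did not pass through Cloudflare")
    if status == 403:
        findings.append("forbidden: 403 returned for a page expected to be public")
    if PHP_SOURCE.search(body):
        findings.append("source-leak: raw PHP open tag in body, script was not executed")
    if path.startswith(NO_CACHE_PREFIXES) and h.get("cf-cache-status", "").upper() == "HIT":
        findings.append("cached-private: edge cache HIT on a path that must bypass cache")
    return findings


def fetch(base_url, path, timeout=10):
    """Fetch one path; return (status, headers, body). HTTP errors are returned, not raised."""
    req = urllib.request.Request(base_url.rstrip("/") + path, headers={"User-Agent": "smoke-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            return r.status, dict(r.headers), r.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, dict(e.headers), e.read(65536).decode("utf-8", "replace")


# Constructed sample responses (not captured from a real site).
SAMPLES = [
    ("/", 200, {"CF-RAY": "0000-TEST", "CF-Cache-Status": "HIT"}, "<html><body>Home</body></html>"),
    ("/index.php", 200, {"CF-RAY": "0000-TEST"}, "<?php\nuse Drupal\\Core\\DrupalKernel;"),
    ("/blog", 403, {"CF-RAY": "0000-TEST"}, "<h1>Forbidden</h1>"),
    ("/user/login", 200, {"CF-RAY": "0000-TEST", "CF-Cache-Status": "HIT"}, "<form></form>"),
]


def audit_samples():
    return {path: audit_response(path, s, h, b) for path, s, h, b in SAMPLES}


if __name__ == "__main__":
    for path, findings in audit_samples().items():
        print(path, findings or ["ok"])
```

To run it against a live site after changing the SSL/TLS mode, pass the result of `fetch(base_url, path)` into `audit_response` for each public path you care about.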

For now, I am glad that I went through the experience of setting up CloudFlare for my sites, and I'm looking forward to seeing more of the analytics come in.