Learn how to serve your WordPress site directly from Cloudflare's edge network and provide a consistently fast experience for your visitors.

Overview

With Automatic Platform Optimization (APO) Cloudflare will serve your entire site from our edge network, ensuring that customers see improved performance when visiting your site. Typically Cloudflare only caches static content, but with APO we can also cache dynamic content like HTML so the entire site is served from cache. This removes round trips from the origin drastically improving TTFB and other site performance metrics. In addition, to caching dynamic content, APO caches third-party scripts to further reduce the need to make requests that leave Cloudflare's edge network.

With APO, you don't have to change how you manage your WordPress site. Whenever updates to content are made, by using Cloudflare's WordPress plugin, we can update content in our edge to ensure that we do not serve stale content. Additionally, for logged-in or admin users, we will bypass the cache ensuring that private content is not cached and served to other visitors.

See our announcement blog for more information.

Benefits of Automatic Platform Optimization

Serving your entire site from Cloudflare's edge provides a set of performance benefits that are unmatched by typical cache services or other WordPress plugins. Time to first byte (TTFB) is massively reduced since the first file served, the HTML, is served directly from our edge. This along with reducing other requests that might leave Cloudflare's network means sites start to display content sooner (First Contentful Paint or FCP).

Availability of APO

APO is included in all Professional, Business, and Enterprise plans at no extra cost.

APO is available to free plan customers on a $5 per month basis.

Using APO with Cloudflare's WordPress Plugin

Using APO with Cloudflare's WordPress plugin ensures the best possible performance and fastest cache refresh times, which means visitors to your site see content faster. Whenever you make changes in WordPress, the plugin updates the edge network with automatic cache purges.

Additional benefits include:

• HTML edge caching with 30 days TTL
• 30 seconds or faster cache invalidation
• Bypass HTML caching for logged in users
• Bypass HTML caching based on the presence of WordPress specific cookies
• Decrease load on origin servers. If a request is fetched from Cloudflare CDN Cache we skip the request to the origin server.
• Automatically host and cache third party fonts we detect (including Google Fonts), when used within the HTML

Enabling APO

The easiest way to begin using APO is directly from Cloudflare’s WordPress plugin. Before you can use APO, you must install the Cloudflare Wordpress plugin, activate the plugin, and then activate APO.

Install the Cloudflare WordPress plugin

1. In WordPress, select Plugins > Add New.
2. In the search, enter Cloudflare.
3. Install and activate the Cloudflare plugin.

Add your Cloudflare API Token

1. In your browser, visit https://dash.cloudflare.com.
2. Log into your Cloudflare account. If you don’t have an account, see Creating a Cloudflare account.
3. Select your profile > My Profile > API Tokens.
4. Select Create Token.
5. Locate WordPress in the list and select Use template.
6. Choose the Account and Zone to receive plugin access.
7. Select Continue to Summary and Create Token.
8. Copy your API token.

Activate APO

1. In WordPress, open the Cloudflare Plugin page.
2. Enter your email address and paste your API token that you copied in the section above.
3. Select Login.
4. From Home, activate the APO plugin.

If you are on the free plan, you will be redirected to the dashboard to purchase APO. After purchasing APO, you can toggle the service on or off from the WordPress plugin or the Cloudflare dashboard. Professional and Business plan users can use APO for free after activating it.

Configure APO on a subdomain

After you enable APO, you configure it to run on the subdomain that uses WordPress. For example, if you have a website called www.mysite.com which includes a subdomain running WordPress called shop.mysite.com, you would configure APO to run on the shop.mysite.com subdomain.

1. Install version 3.8.7 or later of the Cloudflare WordPress plugin.
2. Log in using Global key. (You can only use an API token for the root domain.)
3. Enable APO. The subdomain displays in the list of hostnames in the card.

Repeat the process for each subdomain to enable APO.

By default, APO runs on the root domain. If you choose to run APO on a subdomain, the root domain is automatically disabled. To run APO on a subdomain and root domain, upgrade the WordPress plugin to version 3.8.7 or later on the root domain and re-enable APO.

Configure APO on a subdirectory

After you enable APO, you will configure it to run on the subdirectory that uses WordPress. For example, if you have a website called www.mysite.com which includes a subdirectory running WordPress called mysite.com/shop, you would configure APO to run on the mysite.com domain following Enable APO steps:

1. Install the Cloudflare WordPress plugin.
2. Add your Cloudflare API Token.
3. Activate APO.

Repeat steps 1-2 for each subdirectory to activate the WordPress plugin for automatic cache purging.

By default, APO runs on the whole domain. If you choose to run APO only on a subdirectory, the rest of the domain should be configured to bypass APO. There 2 ways to achieve this:

1. Serve response header “cf-edge-cache: no-cache” on all non WordPress parts of the site, it will instruct APO service to bypass caching for those parts. This is a recommended approach. It’s easy to implement with Cloudflare Workers:

    addEventListener("fetch", (event) => {
     event.respondWith(handleRequest(event.request));
    });

    async function handleRequest(request) {
     /**
      * Response properties are immutable. To change them, construct a new
      * Response object. Response headers can be modified through the headers `set` method.
      */
     const originalResponse = await fetch(request)

     let response = new Response(originalResponse.body, originalResponse);

     // Add a header using set method
     response.headers.set("cf-edge-cache", "no-cache")

     return response
    }

2. Configure Page Rules to exclude non WordPress parts of the site from caching: with “Cache Level: Bypass”. Please note it will disable all caching including static assets for those paths. That’s why it’s better to disable APO via the response header.

Query Parameters and Cached Responses

By default, if query parameters are found in the URL - APO will bypass the cache and attempt to get a fresh version of the page from the origin. We do this because query parameters are often a sign of dynamic content being present. We also realize that query parameters are often used for marketing attribution (ie UTMs) and that it’s doubly important that these users experience quick loading times. To enable this, APO will still serve cached content as long as the query parameters in the URL are one of the following: 

• utm_source
• utm_campaign
• utm_medium
• utm_expid
• utm_term
• utm_content
• fb_action_ids
• fb_action_types
• fb_source
• fbclid
• _ga
• gclid
• age-verified
• ao_noptimize
• usqp
• cn-reloaded
• klaviyo
• amp

Page Rule integration with APO

The following Page rules can control APO:

• Cache Level: Bypass

APO will bypass page with response header “cf-apo-via: origin,page-rules”

• Cache Level: Ignore Query String

APO will ignore all query strings when serving from Cache

• Cache Level: Cache Everything

APO will cache pages with all query strings. Default cookies rules still apply. Please note automatic page purge via the WordPress plugin won’t clean all cached pages, only one without query strings. Cached responses will be returned even with request header cache-control: no-cache. 

• Bypass Cache on Cookie (Biz and Ent plans only)

APO will apply custom bypass cookies in addition to the default list.

• Edge Cache TTL

APO will apply custom Edge TTL instead of 30 days. It is helpful for pages that can generate captchas or nonces.

• Browser Cache TTL

APO will apply custom Browser TTL for all assets apart from the HTML page. The limitation is due to the technical issue we hope to address in future releases.

Note: Any changes to Caching page rules require Cache purge to see the effect. 

Cache by Device Type

APO cache by device type allows you to cache content by device type.  This allows all the benefits of Cloudflare's cache while targeting visitors with content appropriate to their device. Cloudflare evaluates the User-Agent header in the HTTP request to identify the device type. We identify each device type with a case insensitive match to the regex below:

• Mobile: (?:phone|windows\s+phone|ipod|blackberry|(?:android|bb\d+|meego|silk|googlebot) .+? mobile|palm|windows\s+ce|opera\ mini|avantgo|mobilesafari|docomo)
• Tablet: (?:ipad|playbook|(?:android|bb\d+|meego|silk)(?! .+? mobile))
• Desktop: Everything else not matched above.

To enable caching by device type either navigate to dashboard's APO card or in Cloudflare for WordPress plugin version 3.8.7 or later.

Once enabled, Cloudflare sends a CF-Device-Type HTTP header to your origin with a value of either mobile, tablet, desktop for every request to specify the visitor’s device type.

If your origin responds with the appropriate content for that device type, Cloudflare caches the resource only for that specific device type.

Cloudflare for WordPress plugin will automatically purge all cache variations for updated pages.

Please refer to the Plugins Compatibility section below to see the list of plugins that require enabling APO Cache By Device Type.

Plugin Compatibility

There are over 50,000 WordPress plugins currently available for download. Because there are so many, it’s impossible for us to test the compatibility of APO with each one individually. 

We do acknowledge, however, that it’s important to provide some guidance around some of the more popular plugins. To that end, we wanted to publish a list of officially supported plugins, as well as those we know to cause issues while APO is turned on. We plan on updating this list periodically as we discover new issues and add additional compatibility.

If you have a question about a specific plugin that’s not found on this list, please create a thread in our community and we’ll do our best to answer your questions.

Compatible Plugins

• BigCommerce
• Easy Digital Downloads
• WooCommerce
• YITH WooCommerce Wishlist
• WP EasyCart
• Ecwid Ecommerce Shopping Cart
• WP ECommerce
• Bookly
• WPTouch
• Mobile Detect
• WordPress Mobile Pack
• WP-Mobilizer
• WP Mobile Edition
• Any Mobile Theme Switcher
• Easy Social Share Buttons
• Jetpack (Mobile Theme)
• wiziApp

Plugins and Services which may cause issues with APO:

• WP Rocket
• Imunify360

Disabling APO

In order to disable APO, first, turn off the feature from the WordPress plugin or Cloudflare Dashboard, then purge the Cloudflare cache to ensure that content is served by the origin and respects the default origin configuration going forward.

FAQs

• How to verify APO and the WordPress integration works?

1. Publish a change on the website page.
2. You should see the change and the page should be cached with cf-cache-status: HIT in a response header. Below is an example of how to check the cache header using: type: embedded-entry-inline id: 5mcoS5KchZWX2mr2gn88fz type: embedded-entry-inline id: 4W2KDAa5TTPjEfn9y31iCi

• What if my Cloudflare dashboard says it can't detect WordPress?

If your Cloudflare dashboard can't detect WordPress, be sure to install and activate the Cloudflare plugin from WordPress.

• What if my Cloudflare dashboard says it can't detect the WordPress plugin?

If your Cloudflare dashboard can't detect the WordPress plugin, try to enable APO from the Cloudflare Plugin page within WordPress.

• How to report Cloudflare-WordPress plugin issues?

In terms of supporting the WordPress plugin, please file any new issues to the Cloudflare-WordPress Github repository. The management and development of the Cloudflare-WordPress plugin will be via Github.