WordPress is the most popular CMS (content management system) in the world, powering over a third of the top 10 million websites, according to W3Techs.

WordPress is an open source software project that many website service providers host for end customers to enable them to build WordPress sites and serve that content to visitors over the Internet.  For hosting providers, one of the opportunities and challenges is to host one version of WordPress on their infrastructure that is high performing for all their customers without modifying the WordPress code on a per customer basis.

Hosting providers are increasingly turning to Cloudflare’s Serverless Workers Platform to deliver high performance to their end customers by fixing performance issues at the edge while avoiding modifying code on an individual site basis.

One innovative WordPress hosting provider that Cloudflare has been working with to do this is Bluehost, a recommended web host by WordPress.org. In collaboration with Bluehost, Cloudflare’s Workers have been able to achieve a 40% performance improvement for those sites running Workers. Bluehost started with Cloudflare Workers code for Fast Google Fonts which in-lines the browser-specific font CSS and re-hosts the font files through the page origin. This removes the multiple calls to load the CSS and the font file from Google and improves WordPress site response time.  Bluehost then went further and added additional performance enhancements that rehosted commonly run third party scripts and caches dynamic HTML on the edge in conjunction with Bluehost’s own plugin infrastructure.

Bluehost will offer Cloudflare Workers in early 2020. Once implemented, customers will see faster response times, which could result in more website visitors sticking with the site while it renders. Additional benefits could include improved ad dollars from a higher number of impressions and ecommerce revenue from more shoppers.

“We were so impressed to see a 40% performance improvement for websites leveraging Workers, and can’t wait to offer this to our customers in 2020. Our team is excited to partner with Cloudflare and continue to innovate with Workers for added benefits for our customers,” said Suhaib Zaheer, General Manager for Bluehost.

Stay tuned for more performance improvements with Cloudflare Workers!

If you are an Azure customer, or thinking about becoming one, here are three ways we have made Cloudflare’s performance and security services work well with Azure.

We are proud to announce an application for Cloudflare Argo Tunnel within the Azure marketplace. As a quick reminder, Argo Tunnel establishes an encrypted connection between the origin and the Cloudflare edge. The small tunnel daemon establishes outbound connections to the two nearest Cloudflare PoPs,  and the origin is only accessible via the tunnel between Cloudflare and origin.

Because these are outbound connections, there is likely no need to modify firewall rules, configure DNS records, etc.  You can even go so far as to block all IPs on the origin and allow traffic only to flow through the tunnel. You can learn more here. The only prerequisite for using Argo Tunnel is to have Argo enabled on your Cloudflare zone. You can sign up a new domain here.

You can find instructions on how to configure Argo Tunnel through the Azure interface here.

Cloudflare makes SSL issuance and renewal remarkably easy, and it is included in every plan type. There are a few extra steps to getting this to work on Azure’s serverless platform, so we’ve created this guide for you to get started.

Cloudflare has created a free DNS resolver to improve DNS response times. We blogged about this last year.  A few important takeaways are: this resolver runs in all our data centers globally and thus is highly performant, is future proofed for emerging DNS protocols that enhance security (DNS over TLS/HTTPs), and minimizes DNS query information shared with intermediate resolvers.

Cloudflare does daily monitoring of this resolver to make sure it consistently performs well on the Azure platform.  Here are a few steps to take to make use of 1.1.1.1 if you are an Azure user.

Stay tuned on further Cloudflare support for Azure.

Both Magento version 1.9.1.0 CE and 1.14.1.0 EE are compromised by this vulnerability. CloudFlare WAF protection can help mitigate vulnerabilities like this, but it is vital that Magento users patch Magento immediately. Select and download the patch for SUPEE-5344.