Skip to content

CloudFlare Settings Page Documentation

Menu Location: Settings > System Integration > CloudFlare Settings

Access Level: Administrator / Kiva Admin

Last Updated: 2026-03-01

Overview

The CloudFlare Settings page manages your integration with CloudFlare CDN (Content Delivery Network), controlling caching, security, performance optimization, and image delivery settings to ensure your website loads quickly and securely for customers worldwide.

Primary Functions:

  • Configure CloudFlare CDN integration and API access
  • Manage cache purging and optimization
  • Control security settings and DDoS protection
  • Configure image optimization via Imgix whitelist
  • Monitor CDN performance and statistics
  • Troubleshoot delivery and caching issues

Page Layout

Header Section

  • Page Title: "CloudFlare Settings"
  • Connection Status: Shows if CloudFlare is connected and active
  • Quick Actions: Purge Cache, Test Connection, View Stats

API Configuration Section

Fields for connecting to your CloudFlare account:

  • CloudFlare Email
  • CloudFlare API Key
  • Zone ID
  • Domain Name
  • Connection Status Indicator

Cache Management Section

Controls for managing cached content:

  • Purge All Cache button
  • Purge Specific URLs tool
  • Auto-purge settings
  • Cache statistics

Imgix Whitelist Section

Configuration for image CDN optimization:

  • Imgix Source ID
  • Whitelist IP addresses
  • Image optimization settings

Performance & Security Section

CloudFlare feature toggles:

  • Security Level
  • Browser Cache TTL
  • Development Mode toggle
  • Always Use HTTPS
  • Automatic HTTPS Rewrites

API Configuration

Connecting CloudFlare Account

Purpose: Link your CloudFlare account to enable CDN features

Steps:

  1. Log in to your CloudFlare dashboard
  2. Navigate to "My Profile" > "API Tokens"
  3. Copy your Global API Key
  4. Return to KlCode CloudFlare Settings page
  5. Enter your CloudFlare email address
  6. Paste your API Key
  7. Enter your Zone ID (found in CloudFlare dashboard)
  8. Enter your domain name
  9. Click "Save & Test Connection"
  10. Verify "Connected Successfully" message

Requirements:

  • Active CloudFlare account
  • Domain added to CloudFlare
  • Global API Key or scoped API token
  • Administrator access in KlCode

Security Notes:

  • API key is encrypted when stored
  • Never share your API key
  • Rotate API keys periodically
  • Use scoped tokens when possible for security

Testing Connection

Purpose: Verify CloudFlare API is working correctly

Steps:

  1. Click "Test Connection" button
  2. System checks:
    • API authentication
    • Zone accessibility
    • DNS configuration
    • SSL certificate status
  3. Review test results
  4. Address any errors shown

Common Test Results:

  • "Connection Successful" - All working
  • "Authentication Failed" - Check API key
  • "Zone Not Found" - Verify Zone ID
  • "DNS Not Configured" - Check CloudFlare DNS settings

Cache Management

Purge All Cache

Purpose: Clear all cached content to immediately show website updates

When to Use:

  • After major website updates
  • When customers report seeing old content
  • After changing product prices or images
  • When resolving display issues

Steps:

  1. Click "Purge All Cache" button
  2. Confirm purge action (this affects all visitors)
  3. Wait for confirmation message
  4. Allow 3-5 minutes for purge to propagate
  5. Test website in incognito/private browsing mode

Warning: Purging all cache temporarily increases server load as CloudFlare re-caches content. Use selectively during low-traffic periods when possible.

Purge Specific URLs

Purpose: Clear cache for specific pages without affecting entire site

Steps:

  1. Click "Purge Specific URLs" button
  2. Enter URLs to purge (one per line): 
    https://yourdomain.com/shop/products
https://yourdomain.com/home/account
https://yourdomain.com/images/logo.png
  3. Click "Purge Selected URLs"
  4. Confirm action
  5. Wait for confirmation
  6. Test affected pages

Best For:

  • Single page updates
  • Specific product changes
  • Individual image replacements
  • Targeted fixes

Auto-Purge Settings

Purpose: Automatically purge cache when certain events occur

Configurable Triggers:

  • Product Updates: Auto-purge when products change
  • Price Changes: Auto-purge when prices update
  • Order Placed: Auto-purge cart/checkout pages
  • Blog Posts: Auto-purge when blog updated

Configuration:

  1. Check boxes for desired auto-purge triggers
  2. Set purge delay (immediate vs. 5-minute delay)
  3. Choose purge scope (affected pages only vs. full site)
  4. Save settings

Recommendations:

  • Enable for Product Updates (ensures current info)
  • Enable for Price Changes (prevents wrong prices)
  • Consider disabling for Order Placed if high volume
  • Review purge logs monthly to optimize

Imgix Whitelist Configuration

Setting Up Imgix

Purpose: Enable advanced image optimization and delivery

Steps:

  1. Locate "Imgix Whitelist" section
  2. Enter your Imgix Source ID
  3. Add IP addresses to whitelist:
    • Your server IP
    • CloudFlare IP ranges
    • Development server IPs
  4. Enable "Image Optimization"
  5. Set optimization level (Balanced recommended)
  6. Save configuration

Benefits:

  • Automatic image format conversion (WebP for supported browsers)
  • Responsive image sizing
  • Faster image loading
  • Reduced bandwidth usage

Managing Whitelist

Add IP Address:

  1. Click "Add to Whitelist"
  2. Enter IP address
  3. Add description (e.g., "Production Server")
  4. Click "Save"

Remove IP Address:

  1. Find IP in whitelist
  2. Click "Remove"
  3. Confirm removal

Performance Settings

Security Level

Options:

  • Essentially Off: Minimal protection, fastest performance
  • Low: Light protection, good performance
  • Medium: Balanced (recommended for most)
  • High: Strong protection, may challenge some visitors
  • I'm Under Attack: Maximum protection, challenges all visitors

When to Adjust:

  • Use "I'm Under Attack" during DDoS attacks
  • Use "Low" for trusted corporate events
  • Keep "Medium" for normal operations

Browser Cache TTL

Purpose: Control how long browsers cache your content

Options:

  • 30 minutes (dynamic content)
  • 1 hour
  • 4 hours (recommended for most pages)
  • 8 hours
  • 1 day (static content)
  • 1 week (images, CSS, JavaScript)

Recommendations:

  • HTML pages: 4 hours
  • Product images: 1 day
  • CSS/JavaScript: 1 week
  • Homepage: 1 hour

Development Mode

Purpose: Temporarily bypass cache for testing

Use Cases:

  • Website development work
  • Testing new features
  • Troubleshooting display issues

Steps:

  1. Toggle "Development Mode" ON
  2. Make and test your changes
  3. Development mode automatically disables after 3 hours
  4. Or manually toggle OFF when done

Important: Don't forget to disable - impacts performance for all visitors.

Common Use Cases

Use Case 1: Website Update Not Showing

Goal: Ensure customers see latest website changes

Steps:

  1. Verify changes are on live server
  2. Navigate to CloudFlare Settings
  3. Click "Purge All Cache"
  4. Wait 3-5 minutes
  5. Test in incognito/private browser
  6. If still not showing:
    • Check "Last Purge Time" to confirm
    • Enable Development Mode
    • Test again
    • Disable Development Mode
    • Purge specific URLs if needed

Use Case 2: Preparing for Major Sale Launch

Goal: Ensure sale prices and banners display immediately at launch time

Steps:

  1. Upload sale content to website (don't publish yet)
  2. One hour before launch:
    • Reduce Browser Cache TTL to 30 minutes
    • Prepare purge URL list
  3. At launch time:
    • Publish sale content
    • Immediately purge specific URLs:
    • Homepage
    • Shop pages
    • Product pages
    • Banner images
  4. Monitor for 15 minutes
  5. Test customer-facing pages
  6. After sale: restore normal Cache TTL

Use Case 3: Troubleshooting Slow Website

Goal: Use CloudFlare settings to diagnose and fix performance issues

Steps:

  1. Click "View Stats" in CloudFlare Settings
  2. Check Cache Hit Ratio:
    • Above 80%: Good
    • Below 60%: Investigate
  3. Review bandwidth savings
  4. Check security threats blocked
  5. If cache hit ratio is low:
    • Review auto-purge settings (may be too aggressive)
    • Check Browser Cache TTL (may be too short)
    • Verify CloudFlare is caching correctly
  6. Adjust settings based on findings
  7. Monitor for 24 hours
  8. Compare before/after metrics

Use Case 4: Security Threat Response

Goal: Quickly protect website during attack

Steps:

  1. Receive alert of unusual traffic or attack
  2. Navigate to CloudFlare Settings immediately
  3. Change Security Level to "I'm Under Attack"
  4. Save changes
  5. Monitor bad login attempts and traffic
  6. Attack is automatically challenged/blocked
  7. When attack subsides (usually 1-24 hours):
    • Return Security Level to "Medium"
    • Review attack logs
    • Document incident

Tips:

  • "I'm Under Attack" mode may frustrate legitimate users
  • Communicate with customers during extended attacks
  • Consider leaving at "High" for 24-48 hours after attack
  • Review and block attacking IPs

Use Case 5: Optimizing Images for Mobile

Goal: Improve mobile customer experience with faster image loading

Steps:

  1. Navigate to Imgix Whitelist section
  2. Enable Image Optimization if not already
  3. Set optimization level to "Aggressive"
  4. Enable automatic WebP conversion
  5. Configure responsive image settings
  6. Purge all cache to force re-optimization
  7. Test website on mobile device:
    • Check loading speed
    • Verify image quality acceptable
    • Test different device types
  8. Adjust optimization level if needed
  9. Monitor bandwidth savings in stats

Troubleshooting

Issue 1: Connection Test Fails

Symptoms: "Authentication Failed" or "Cannot Connect" errors

Check:

  1. Verify CloudFlare email is correct
  2. Copy API key again from CloudFlare (may have typo)
  3. Confirm Zone ID matches your domain in CloudFlare
  4. Check domain is active in CloudFlare
  5. Verify API key has necessary permissions
  6. Ensure CloudFlare account is active (not suspended)

Solutions:

  1. Re-enter credentials carefully
  2. Generate new API key in CloudFlare
  3. Use Global API Key instead of scoped token
  4. Contact CloudFlare support if account issue
  5. Try test connection during off-peak hours

Issue 2: Cache Purge Not Working

Symptoms: Old content still showing after purge

Common Causes:

  • Browser cache not cleared
  • Multiple cache layers
  • Purge still propagating
  • Wrong URLs purged

Solutions:

  1. Wait full 5 minutes after purge
  2. Test in incognito/private browser
  3. Clear local browser cache (Ctrl+Shift+Delete)
  4. Try "Purge All" instead of specific URLs
  5. Enable Development Mode for testing
  6. Check for additional caching (hosting level)
  7. Verify changes are actually on server

Issue 3: Images Not Loading or Optimizing

Symptoms: Broken images or Imgix optimization not working

Check:

  1. Verify Imgix Source ID is correct
  2. Confirm server IP is in whitelist
  3. Check image URLs are using correct format
  4. Verify Imgix account is active
  5. Review CloudFlare firewall not blocking Imgix

Solutions:

  1. Add all necessary IPs to whitelist
  2. Re-save Imgix configuration
  3. Purge image cache specifically
  4. Test with sample image URL
  5. Check Imgix dashboard for errors
  6. Contact Kiva Logic if persistent

If Problem Persists: Export CloudFlare stats and settings, contact Kiva Logic support with configuration details and specific symptoms.

Issue 4: Website Slower After Enabling CloudFlare

Symptoms: Page load times increased after CloudFlare setup

Unexpected but Possible Causes:

  • CloudFlare routing to distant data center
  • Cache settings too aggressive (not caching enough)
  • Development Mode accidentally left on
  • Security level too high (challenging all visitors)
  • DNS propagation still in progress

Solutions:

  1. Check Development Mode is OFF
  2. Verify Security Level is "Medium" or lower
  3. Increase Browser Cache TTL
  4. Enable Auto-Minify for HTML, CSS, JS
  5. Wait 24-48 hours for DNS propagation
  6. Review CloudFlare analytics for bottlenecks
  7. Disable and re-enable CloudFlare if needed
  • Website Settings - Overall website configuration
  • Performance Reports - Site speed and optimization metrics
  • Security Settings - Additional security configurations
  • Image Library - Manage website images
  • CDN Statistics - Detailed CloudFlare analytics

Typical Workflow:

  1. CloudFlare Settings → Configure → Website Settings (verify)
  2. Make website changes → CloudFlare Settings → Purge Cache
  3. Security alert → CloudFlare Settings → Increase Security Level

Permissions & Access

Required Access Level: Administrator

Access Level Capabilities:

  • Manager: View only, cannot change settings
  • Administrator: Full access except API key management
  • Kiva Admin: All features including API configuration

Restricted Features:

  • API Key Changes: Requires Administrator or Kiva Admin
  • Security Level Changes: Requires Administrator
  • Development Mode: Requires Administrator

Best Practices

Regular Maintenance

  1. Test CloudFlare connection monthly
  2. Review cache hit ratios weekly
  3. Purge cache after major updates
  4. Monitor bandwidth savings
  5. Keep API keys secure and rotated

Cache Management

  1. Use selective purge over full purge when possible
  2. Schedule major purges during low traffic
  3. Enable auto-purge for products and prices
  4. Don't over-purge (reduces performance benefit)
  5. Document purge reasons in admin notes

Security

  1. Keep Security Level at "Medium" for normal operations
  2. Use "I'm Under Attack" sparingly
  3. Monitor CloudFlare threat logs
  4. Combine with IP blocking for persistent threats
  5. Enable HTTPS always

Image Optimization

  1. Keep Imgix whitelist updated
  2. Test mobile image loading regularly
  3. Balance quality vs. file size
  4. Use WebP format when possible
  5. Monitor image bandwidth usage

Things to Avoid

  • Don't leave Development Mode on indefinitely
  • Don't purge cache multiple times in quick succession
  • Don't set Browser Cache TTL too low (defeats purpose)
  • Don't change Security Level without documenting reason
  • Don't share API keys or save in unsecured locations

Integration Points

CloudFlare CDN

  • Real-time cache management
  • Security threat blocking
  • Performance optimization
  • SSL/TLS certificate management

Imgix Image Optimization

  • Automatic format conversion
  • Responsive image delivery
  • Real-time image resizing
  • Bandwidth reduction

Website Monitoring

  • Integration with uptime monitoring
  • Performance metrics tracking
  • Security event logging

Quick Reference Card

Task Action/Location
Purge all cache Click "Purge All Cache" button
Purge specific page "Purge Specific URLs" > enter URL
Test connection Click "Test Connection"
Enable Development Mode Toggle "Development Mode" ON
Increase security during attack Security Level > "I'm Under Attack"
Update API key API Configuration section > re-enter key
Check cache performance Click "View Stats"
Optimize images Imgix Whitelist > Enable optimization
Auto-purge on product updates Auto-Purge Settings > check "Product Updates"
Extend browser cache time Browser Cache TTL > increase value

FAQs

How long does cache purge take to work?

Typically 3-5 minutes to propagate globally. During high traffic, it may take up to 10 minutes. Always test in incognito mode to avoid local browser cache.

Will CloudFlare slow down my website?

No, CloudFlare should improve speed by serving cached content from locations closer to your customers. If slower, check Development Mode isn't on and Security Level isn't too high.

What's the difference between purging cache and Development Mode?

Purge cache removes stored content (one-time action). Development Mode bypasses cache entirely (temporary, auto-expires in 3 hours). Use purge for updates, Development Mode for testing.

Do I need both CloudFlare and Imgix?

CloudFlare handles overall website caching and security. Imgix specializes in image optimization. Using both provides best performance. Imgix is optional but recommended for image-heavy sites.

Can I schedule automatic cache purges?

Auto-purge settings trigger on events (product updates, etc.), not on schedules. For scheduled purges, contact Kiva Logic about setting up automated rules.

What happens if I enter the wrong API key?

Connection will fail and CloudFlare features won't work. Website remains functional but loses CDN benefits until corrected. Update with correct key to restore functionality.

Should I use "I'm Under Attack" mode for all security threats?

No, only for severe DDoS attacks. It challenges all visitors with browser checks, which can frustrate legitimate customers. Use "High" security first, escalate to "I'm Under Attack" if needed.

How do I know if CloudFlare is working?

Check "View Stats" for cache hit ratio above 70% and bandwidth savings. Also verify response headers show CloudFlare in network tools.

End of Documentation

For additional help, contact your system administrator or Kiva Logic support.