View Categories

Cloudflare Setup

2 min read

To use the WAF (Web Application Firewall) features, you must first link Ultimate Security with your Cloudflare account. This allows the plugin to manage your security zones and deploy protective rules automatically.

Enable WAF Rules

Before adding your credentials, ensure the Enable WAF Rules toggle is switched ON. This activates the interface for rule configuration, deployment, and analytics.

cloudflare setup setting in ultimate security

Connecting Your Account

You will need to provide the following details:

A. Account Name / Label

  • A friendly name to identify this specific connection.
  • This is helpful if you manage multiple Cloudflare accounts.

B. Authentication Method

You have two ways to connect. We recommend the API Token method for better security:

cloudflare account setting in ultimate security
  • API Token (Recommended): Uses a specific token with restricted permissions.
  • Email + Global API Key: Uses your Cloudflare login email and your API key.

C. API Token / Key Input

  • Paste your secret token or key into this field.
  • Permission Requirement: If using an API Token, ensure it has the following permissions:
    • Zone — WAF — Edit
    • Zone — Zone — Read

D. Token Duration

  • Choose how long Ultimate Security should store these credentials.
  • Options include “Forever” (until you manually disconnect) or specific time limits.

Verification

Once the details are filled in, click the Verify & Save button.

  • The plugin will perform a handshake with Cloudflare to ensure the credentials are correct.
  • If successful, the red “Not Connected” badge at the top will change to a green “Connected” status.

Quick Guide: How to get your API Token

If you aren’t sure where to find your credentials, follow these three steps:

  1. Log in to your Cloudflare Dashboard.
  2. Navigate to My Profile > API Tokens.
  3. Create a token using the “Edit Zone DNS” template or a custom token with the permissions mentioned above (WAF Edit, Zone Read).
  4. Copy the token and paste it back here in the Ultimate Security settings.

Managing Multiple Accounts

Ultimate Security supports multi-account management. You can add multiple Cloudflare accounts and switch between them at any time to manage different security zones without leaving your WordPress site.

Security Tip: Never share your Global API Key. Using a Scoped API Token is the safest way to connect, as it only gives the plugin access to the specific settings it needs to keep your site safe.

What are your Feelings

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top