Step-by-Step Guide: Secure Hostinger Website with Cloudflare

Step 1: Sign Up or Log In to Cloudflare

1. Sign up or log in to your Cloudflare account at Cloudflare.

2. Once logged in, click on “Add a Site” to start the process of securing your Hostinger website.

Step 2: Add Your Hostinger Domain to Cloudflare

1. Enter your domain name (e.g., yourdomain.com) and click “Add Site”.

2. Cloudflare will automatically scan your existing DNS records. Once the scan is complete, click “Continue” to proceed.

Step 3: Choose a Cloudflare Plan

1. Cloudflare offers several plans, including a Free Plan. The Free Plan provides basic security and performance features, which is suitable for most websites.

2. Select the Free Plan or the plan that best suits your needs, and click “Confirm Plan”.

Step 4: Update DNS Settings in Hostinger

Cloudflare will provide you with two nameservers (e.g., ns1.cloudflare.com and ns2.cloudflare.com).

1. Log in to your Hostinger account and navigate to hPanel.

2. In the Domains section, select your domain.

3. Go to the DNS / Nameservers settings and select Use Custom Nameservers.

4. Replace the current nameservers with the ones provided by Cloudflare.

5. Save the changes. DNS propagation may take 24-48 hours, but often it happens much faster.

Step 5: Enable SSL/TLS Encryption on Cloudflare

1. Go to the SSL/TLS tab in your Cloudflare dashboard.

2. Select Full (Strict) mode for SSL to ensure both Cloudflare-to-user and Cloudflare-to-server communication are encrypted. This is the most secure option.

   • Full (Strict): Provides end-to-end encryption, ensuring both Cloudflare and the web server are secured with valid SSL certificates.

   • Flexible SSL: Encrypts traffic between the user’s browser and Cloudflare but not between Cloudflare and your server (not recommended for a secure setup).

3. Enable Always Use HTTPS to force visitors to access your website over HTTPS (more secure than HTTP).

Step 6: Activate Web Application Firewall (WAF)

Cloudflare’s Web Application Firewall (WAF) protects your site from common vulnerabilities and attacks, such as SQL injections, cross-site scripting (XSS), and more.

1. In the Firewall section of your Cloudflare dashboard, ensure the WAF is enabled.

2. You can choose to activate additional security rules (e.g., OWASP rules, rate limiting, etc.) to further protect your website.

Step 7: Enable DDoS Protection

Cloudflare offers DDoS protection by default. This feature blocks malicious traffic from reaching your website, preventing denial-of-service attacks.

1. In the Firewall section, Cloudflare will automatically mitigate any DDoS attack detected.

2. You can also enable Bot Fight Mode under the Security settings to further block malicious bots.

Step 8: Configure Cloudflare Caching

Caching content through Cloudflare reduces the load on your Hostinger server and improves website performance.

1. Navigate to the Caching section of the Cloudflare dashboard.

2. Enable Cache Everything to cache static assets (e.g., images, JavaScript, CSS).

3. You can also set the Cache Level to Aggressive to improve loading speeds.

Step 9: Enable “Automatic HTTPS Rewrites”

Automatic HTTPS Rewrites will help redirect HTTP links to HTTPS, eliminating mixed content issues and ensuring all resources are loaded securely.

1. Go to SSL/TLS > Edge Certificates in the Cloudflare dashboard.

2. Enable Automatic HTTPS Rewrites.

Step 10: Test Your Site for Security

1. After DNS propagation is complete, go toyourdomain in your browser.

2. Check for the padlock icon in the address bar, indicating your site is secured with SSL encryption.

3. Test your site’s performance and security using tools like GTMetrix and SSL Labs.

Additional Cloudflare Features for Enhanced Security

• Rate Limiting: Set up rate limiting rules to prevent abuse, such as brute-force login attempts.

• Bot Management: Use Cloudflare’s advanced bot management features to protect against malicious bots.

• Content Security Policy (CSP): You can enforce security policies to prevent cross-site scripting and data injection.

Conclusion: Enhanced Security with Cloudflare and Hostinger

By integrating Cloudflare with Hostinger, you can significantly enhance your website’s security. Cloudflare provides a robust suite of tools, including SSL/TLS encryption, DDoS protection, WAF, and more. These features ensure your website remains secure, performs well, and is protected against threat

Explore more related articles to deepen your understanding

Is Cloudflare better than Google?

Does Google use Cloudflare

Namecheap to Cloudflare: A Complete Integration Guide