1. Select your domain

First, we need to add a new CNAME record for admin.YOURDOMAIN. This will allow you to access the admin subdomain on your site. If you prefer, the admin control panel may also be accessed via IP address instead.

1. Click Add record button
2. Type: CNAME | Name: admin | Target: your domain

1. Always Use HTTPS: Off - (Important: This can cause redirect loops)
2. HSTS: On - (Optional)
3. Minimum TLS Version: TLS 1.2
4. Opportunistic Encryption: On
5. TLS 1.3: On
6. Automatic HTTPS Rewrites: On
7. Certificate Transparency Monitoring: Optional

1. Authenticated Origin Pulls: On

Go through each optimization tab and select the following:

1. Speed Brain: On
2. Cloudflare Fonts On
3. Early Hints: On
4. Rocket Loader: Optional - When enabled, this will disable Cloudflare's compression from origin functionality. Rocket loader can also cause issues with some plugins.
5. HTTP/2: On
6. HTTP/2 to Origin: On
7. HTTP/3 (with QUIC): On - (Note: Cloudflare does not currently support HTTP/3 to Origin)
8. Enhanced HTTP/2 Prioritization On - (Only available if you have Cloudflare Pro)
9. 0-RTT Connection Resumption: On
10. AMP Real URL: Optional

1. Caching Level: Standard
2. Browser Cache TTL: Respect Existing Headers
3. Crawler Hints: On
4. Always Online: On

1. Tiered Cache Topology: Smart Tiered Caching Topology

1. IPv6 Compatibility: On
2. WebSockets: On
3. Pseudo IPv4: Add Header
4. IP Geolocation: On
5. Network Error Logging: On
6. Onion Routing: On

For Cloudflare to support compression from origin, the following features must be disabled:

• Email Obfuscation
• Rocket Loader
• Server Side Excludes (SSE)
• Mirage
• HTML Minification (JavaScript and CSS can remain enabled)
• Automatic HTTPS Rewrites

For more information, see This is Brotli from Origin.