Knowledgebase

Can I use my own CloudFlare account?

Our hosting systems are deeply integrated with Cloudflare, but we also believe you should have control over your own assets, and as such you may already have your own Cloudflare account. What's great about Cloudflare is multiple users can access and help to manage the platform. 

Here are the scenarios regarding Cloudflare that we may face, and how to navigate each. 

We are a Cloudflare Partner, so feel free to reach out with any questions!

Page Contents:

Your domain is registered with SixFive

Where you have one domain we pop your domain into our own CloudFlare account, and you can manage your DNS and other settings via my.sixfive.io. 

If you have many domains in your portfolio we place your domains in your own CloudFlare account, so you have autonomy and we get access as required to make changes to support you.

We will create, and invite you to this account as you should have ultimate control over your assets. 

I don't have an account with CloudFlare

If you do not have a CloudFlare account yet, we will create one for you if necessary. We highly recommend using Cloudflare for your domain name as it provides 3 benefits for all on their free plan: 

  1. Speedy DNS updates and changes when you need them 
  2. A Proxy to protect your website from the internet nasties
  3. Speed and scalability for your website visitors

Please let us know via support@sixfive.io what email address you would like to use and we will invite you to your new account. 

I have a Cloudflare account, and need to invite you

Here is how you do this: 

Login to your account via dash.cloudflare.com 

You need to have 2 Factor Authentication enabled: https://dash.cloudflare.com/profile/authentication 

We recommend the Authy app or BitWarden for this, you can also use Google Authenticator. 

Let's add a new member:

  1. On the left menu towards the bottom, go to Manage Account > Members
    Ensure "Member 2FA enforcement" is enabled
    Click "Invite"
  2. In the Invite Members Box enter 'support+cloudflare@sixfive.com.au' and click 'Add'
  3. In the 'Scope' Section select 'All domains' or select only the domain you would like to share if you have many.
  4. Scroll down the page and select the 'Administrator' option. We cannot manage Members or Billing through this level of access, but can do everything else we need to manage your website and configuration. 
  5. Click 'Invite'

That didn't work I get an error!

In May 2023 Cloudflare started a migration of accounts to a new authorisation model, we have been finding that our account is incompatible with newer accounts and this means you get an error such as

"Cannot add user that is not participating in an incompatible authorization system"
"Error when processing member: cannot add existing user that is participating in an incompatible authorization system (Code: 1005)"

To resolve this we've found that you can create a ticket with CloudFlare Support.

In the top menu click Support > Contact Cloudflare 

Start filling out the options as follows: 

Account > Account Management > Identity and Access Management > Domain scoped roles

In the Description field enter "Error when processing member: cannot add existing user that is participating in an incompatible authorization system (Code: 1005)"

This will result in a link to the community article "I cant add new member / Error 1005" appearing under 'Recommended Resources'.


Click to "Add more details"

In the more Description field "Please help us invite support+cloudflare@sixfive.com.au to our account as an administrator."

Select "P3" as the level of urgency. 

In the collaborators field please add us "support+cloudflare@sixfive.com.au" 

Finally, click Submit Case

Monitor your email for a response, and we'll do the same to work through this with you. 

Supporting information:

What access do you need in Cloudflare, and why?

Cloudflare was built to help protect and deliver websites. Our managed Wordpress hosting stack is tightly integrated with Cloudflare to make the most of its exceptional security and delivery technology. Managing your website's DNS records (and the proxy settings) are just one aspect of this. There is too much to maintain manually, and threats are always changing. Our platform makes updates dynamically as we roll out new best practice configurations or threats come to light. 

Security

We add Web application Firewall WAF rules to help

  • protect your website from hacks usually from large providers who allow temporary machines to be spun up in AWS/Google Cloud/Azure etc
  • prevent users from TOR networks (usually not legitimate traffic)
  • slow down over ambitious bots
  • prevent brute force attacks on login forms
  • prevent spam submissions on forms
  • slow down would be hackers from geographies that are not your primary audience
  • manage email signature images
  • manage Apple Pay payment authorisation (e-commerce)

We would periodically need to adjust these without notice to guarantee quality of service. 

Performance

Cloudflare's primary role is to provide continuity and quality of service for websites. We utilise their caching and speed optimisation heavily with in excess of 25 features on the free Cloudflare plan to optimise Wordpress site delivery. There are more settings if we put you into APO for larger sites, publishers and e-commerce.

DNS Records

As a Cloudflare partner, domain registrar, and Google Workspace partner, we know DNS records intimately and understand that you may have records relating to other mission critical services that we will not touch. What we will do in this are:

  • Automatically add and remove staging.yourwebsite.com record when the staging site is created / de-provisioned
  • Automatically add Lets Encrypt validation records when issuing/re-issuing/updating TLS certificate 
  • Add Sendgrid DKIM records for emails generated by your website to ensure the email is authenticated and legitimate
  • Activate the proxy on the records relating to your hosting with us so all the Cloudflare features work 

Management

Other features we automatically update in Cloudflare through our access:

  • Enabling / disabling development mode
  • Reviewing WAF logs for access issues and responding in a timely manner 
  • Automatic issue and refresh of SSL certificates
  • Ensure your site is correctly proxied behind Cloudflare
  • Keeping your website server IP Addresses private (reducing the chances of a direct attack)
  • DNS changes when we need to move your server
  • Caching rules to remove caching on staging sites
  • Automated Server Failover and load balancing (if this is part of your plan)
  • Replace Javascript libraries affected by supply chain attacks
  • Implement Cloudflare Turnstile (more performant, less intrusive to the user and better privacy compliance than ReCaptcha)

We also keep IP address lists up to date automatically to allow your server to function through the firewall and allow some of our monitoring tools and particular CDN or other integrations to access the server.

Was this answer helpful?

0 Users Found This Useful