Skip to main content
Easy Digital Downloads Documentation
Documentation, Reference Materials, and Tutorials for Easy Digital Downloads

Does Easy Digital Downloads work with Cloudflare?

We understand that website security and performance are essential to the success of your eCommerce store. Cloudflare is a service that helps protect and speed up your site using a collection of features and rules to ensure that your pages load securely and quick for your customers.

Generally speaking, Easy Digital Downloads is compatible with Cloudflare, however, given the complexity of eCommerce stores, there are some features and configurations you’ll want to ensure you account for, when using the service.

As always, when optimizing site performance, when changes are made to optimization features in Cloudflare, we strongly encourage you to test the critical areas of your site as a logged out user to ensure functionality is not affected.

Automatic Platform Optimization for WordPress (APO)

The Cloudflare Automatic Platform Optimization feature (or APO) is a feature that can improve the performance of your site by reducing the time to first byte (TTFB). The APO feature supports many popular WordPress plugins, including Easy Digital Downloads.

To enable Automatic Platform Optimization, you first need to install and activate the Cloudflare WordPress Plugin

Once activated, head to Settings > Cloudflare. You will need to either create a free account or if you have an account click Sign in here

You will need the email address used for your Cloudflare account, as well as your Global API Key, which can be found by clicking on the link below the form

This will open a new window where you click on the API Tokens menu, where you can click on the View button for your Global API Key.

After you have connected your site to Cloudflare, you can turn on the Automatic Platform Optimization from the Settings > Cloudflare > Home settings within your WordPress admin area.

We recommend using the Cache By Device Type setting be enabled to ensure the best user experience.

Rocket Loader

Cloudflare’s Rocket Loader feature, improves page load performance by loading all Javascript asynchronously, even 3rd party scripts. This can help your pages load faster and allow customers to interact with the site more quickly

When enabled the Rocket Loader feature can cause issues with EDD’s checkout as it can cause duplicate payments to be created at the Gateway due to it duplicating the click to process a purchase. To ensure your checkout is not affected by this undesired result, you should disable Rocket Loader on the checkout page using a Configuration Rule. To enable a Configuration Rule, in the menu on the left of your Cloudflare domain settings, choose Rules > Configuration Rules

Once there, click ‘Create rule’

Then configure a rule that turns off ‘Rocket Loader’ on the checkout page. Our example uses the default checkout page of /checkout

Scroll down and click ‘+ Add’ for Rocket Loader, and ensure that it is ‘Off’

Then click ‘Deploy’

ScrapeShield

Cloudflare’s ScrapeShield technology grabs the email address of the customer and obfuscates it so that spammers cannot scrape it and send spam.

The drawback to this is that it’s then not a valid email address, and the customer becomes disconnected from the purchase.

Cloudflare offers instructions on how to turn off this feature.  Once it’s off then the issue is resolved.

HTTPS Protocol Rewriting

This option attempts to make all of your site’s assets (like CSS files etc) load over the same protocol (http or https).  Occasionally it doesn’t load properly, causing downloads to be served without contents, so the filesize is 0.  You can turn this feature off in your Cloudflare panel,  Cloudflare’s documentation on HTTPS Protocol Rewriting explains how.

Page Rules

Cloudflare has a number of performance tools, and in order for your EDD Store to run well with Cloudflare you may need to adjust some Page Rules in order to ensure that adding to the cart and processing orders complete successfully.


These are the suggested page rules that you should add to your Cloudflare account to ensure optimal functionality.

  • domain.com/checkout*
    • Cache Level: Bypass
    • Browser Integrity Check: Off
    • Rocket Loader: Off
  • domain.com/admin-ajax.php
    • Cache Level: Bypass
    • Browser Integrity Check: Off
  • domain.com/wp-json/edd*
    • Cache Level: Bypass
    • Browser Integrity Check: Off

Payments not marked as complete

If you are experience problems with your payments not being marked as complete (usually only happens with ‘offsite’ payment gateways like PayPal) and you use CloudFlare on your website, try disabling CloudFlare temporarily to see if payments are properly marked as complete when it is disabled.

You may need to exclude your checkout page from Cloudflare’s caching. Here is one of their help articles to get you started with that: 
https://support.cloudflare.com/hc/en-us/articles/200172316-How-do-I-exclude-a-specific-URL-from-CloudFlare-s-caching-