Cloudflare Server-Side Excludes

Cloudflare has a great little piece of functionality called “Server-Side Excludes”, tucked away on the “Scrape Shield” tab.  The idea is that if you have some information that you’d rather not have a suspicious person (or bot!) seeing, but you don’t want to hide the page from them completely, you can just hide the specific…

Setting up Cloudflare – Scrape Shield deep dive

I’m happy to announce that have a new course live on Skillshare and Udemy… Setting up Cloudflare – Scrape Shield deep dive This course follows on from setting up Cloudflare for website security and performance, which goes through all the Cloudflare settings, explaining what’s available and the configuration that I would recommend for most websites.…

Easily fixing insecure references

One of the easiest mistakes to make when trying to convert an insecure HTTP website over to a secure HTTPS one is mixed content. Mixed content is when the site itself is loaded over HTTPS, but it contains links to content which are HTTP and therefore insecure – there’s no point knowing that the page…

New Cloudflare app – Instant Page

I wrote a post 3 months ago about pre-fetching links to improve performance.  This post talked about a library called instant.page, which is a free and open source library that uses just-in-time preloading, meaning it preloads a page right before a user clicks on it. Pages are preloaded only when there’s a good chance that a user…

Server push with Cloudflare

A few days ago I posted about server push and SRI and the fact that they’re currently not compatible.  In this post, I gave a brief synopsis of server push, which I’ll repeat… HTTP/2 is pretty clever, for example allowing one TCP connection to be utilised by multiple concurrent downloads, which means there’s less delay waiting…