Logo
WP Fix by Blimx

CDN Setup for WordPress — Cloudflare vs BunnyNet vs Fastly

Actualizado:
PerformanceInfrastructure

Why every WordPress site needs a CDN

A CDN does three things for WordPress:

  1. Caches static assets (images, CSS, JS) at edge nodes near your visitors
  2. Caches HTML of cacheable pages (with proper config)
  3. Filters malicious traffic before it reaches your origin

Without a CDN, every visitor hits your origin server. With a CDN, your origin sees 5-10% of total traffic. Performance improves dramatically; origin load drops; bot attacks get filtered.

The question isn't whether to use a CDN — it's which one.

The three options for WordPress in 2026

We deploy three CDNs depending on customer needs:

FeatureCloudflareBunnyNetFastly
Free tierYesNo ($1 min)No ($50 min)
Pop count320+11990+
WAFBasic free, Pro paidAdd-onPremium
Cache controlPage RulesStandardVCL (powerful)
HTML cachingYes (Cache Everything)Yes (Smart Cache)Yes (VCL)
WordPress integrationCloudflare pluginBunny pluginManual
Best forMost WordPress sitesHigh-traffic, image-heavyCustom, complex setups
Monthly cost$0-20$5-50$50+

Cloudflare: the default for most WordPress sites

When to choose Cloudflare

  • Brand new site or starting CDN journey
  • Tight budget (free tier is generous)
  • Need easy DDoS and bot protection
  • Want WordPress-specific configuration without coding

Setup procedure

  1. Sign up at cloudflare.com, add your domain
  2. Update nameservers at registrar
  3. Install Cloudflare WordPress plugin
  4. Enter API token in plugin

Configuration we set on every Cloudflare WordPress site:

Speed → Optimization
  Auto Minify: HTML, CSS, JS all on
  Brotli: On
  Rocket Loader: OFF (breaks WordPress)

Caching → Configuration
  Browser Cache TTL: 4 hours
  Always Online: On
  Crawler Hints: On

Caching → Cache Rules
  Rule 1: When URI Path contains "/wp-admin" → Bypass cache
  Rule 2: When URI Path contains "/wp-login.php" → Bypass cache
  Rule 3: When URI Path equals "/" → Cache Everything, 2 hours

SSL/TLS
  Mode: Full (strict)
  Always Use HTTPS: On
  Min TLS: 1.2

Security
  Browser Integrity Check: On
  Bot Fight Mode: On (Pro: Super Bot Fight Mode)

The Cache Everything rule for the homepage drops TTFB from 800ms to 50ms.

BunnyNet: the high-performance alternative

When to choose BunnyNet

  • Image-heavy site (galleries, photography, product catalogs)
  • International audience (especially Asia, where Bunny has good coverage)
  • Need image optimization built-in
  • Budget allows $5-20/month

Why Bunny excels

Bunny's edge POP architecture optimizes for raw delivery speed. Their image processing (Bunny Optimizer) does on-the-fly WebP/AVIF conversion. Pricing is competitive: $0.005/GB for North America/Europe.

Setup procedure

  1. Sign up at bunny.net
  2. Create a Pull Zone pointing to yoursite.com
  3. Install Bunny WordPress plugin
  4. Configure the CDN URL (something like yoursite.b-cdn.net)
  5. Enable Bunny Optimizer (optional, $9.50/month)

Plugin auto-rewrites image/CSS/JS URLs from yoursite.com/wp-content/... to yoursite.b-cdn.net/wp-content/....

For HTML caching, you need Bunny's Smart Cache feature on a Premium Pull Zone. Configuration via dashboard:

  • Cache Expiration Time: 1 hour
  • Cache Bypass Cookies: wordpress_logged_in_*, woocommerce_*, comment_*
  • Strip Query String: No
  • Cache Settings: Override origin

This caches non-logged-in HTML requests. Logged-in users bypass cache automatically.

Fastly: the power user choice

When to choose Fastly

  • High-traffic site (1M+ requests/day)
  • Complex caching logic (mixed cacheable/non-cacheable on same URL)
  • Need real-time purging at scale
  • Have a developer who can write VCL
  • Budget allows $50+/month

Why Fastly is different

Fastly's edge nodes run VCL (Varnish Configuration Language), which means you can write custom cache logic. Examples:

# Cache HTML for 1 hour, but skip cache for logged-in users
sub vcl_recv {
  if (req.url ~ "^/wp-admin") {
    return(pass);
  }
  if (req.http.cookie ~ "wordpress_logged_in_") {
    return(pass);
  }
}

# Cache responses for 1 hour, allow stale for 24 hours
sub vcl_fetch {
  set beresp.ttl = 1h;
  set beresp.grace = 24h;
}

This level of control isn't possible on Cloudflare or BunnyNet.

Setup procedure

  1. Sign up at fastly.com (require credit card; $50 minimum monthly)
  2. Create a service for yoursite.com
  3. Configure origin = your server
  4. Upload custom VCL or use Fastly's generated config
  5. Update DNS to point to Fastly

For WordPress: Fastly's documentation has a sample VCL specifically for WordPress. Start there, then customize.

Choosing one (decision tree)

Question 1: What's your traffic level?
  Under 100K visits/month → Cloudflare Free
  100K-1M visits/month → Cloudflare Pro or BunnyNet
  1M+ visits/month → BunnyNet or Fastly

Question 2: How image-heavy?
  Image-heavy (gallery, e-commerce) → BunnyNet
  Text-heavy (blog, magazine) → Cloudflare

Question 3: Need custom cache logic?
  Standard caching enough → Cloudflare or BunnyNet
  Need VCL or complex rules → Fastly

Question 4: Budget?
  $0-20/month → Cloudflare
  $20-50/month → BunnyNet
  $50+/month → Fastly

For 80%+ of WordPress sites we manage, the answer is Cloudflare Free or Pro. For high-traffic image sites, BunnyNet. For complex setups with developers on staff, Fastly.

CDN-specific WordPress optimizations

Regardless of CDN, these WordPress settings help:

Long cache headers on static assets

location ~* \.(jpg|jpeg|png|gif|ico|css|js|webp|avif|woff2)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
}

Versioned asset URLs

WordPress already does this via ?ver=X.Y query parameters. The CDN should respect these. Don't strip query strings on cached assets.

Bypass cache for personalized pages

Pages that should NEVER be cached (in any CDN):

  • /wp-admin/*
  • /wp-login.php
  • /cart/, /checkout/, /my-account/ (WooCommerce)
  • /?p=*&preview=true

Common mistakes during CDN setup

  • Caching wp-admin — breaks login, save operations
  • Not setting bypass cookies — logged-in users see cached anonymous content
  • Aggressive minify on JS — Cloudflare's Rocket Loader breaks many WordPress themes
  • Not purging on update — old content stays cached after publishing changes

Measuring CDN effectiveness

After deployment, measure:

# TTFB from a remote location
curl -w "@curl-format.txt" -o /dev/null -s https://yoursite.com/

# Cache hit ratio (via CDN dashboard)
# Goal: 90%+ for static assets, 50%+ for HTML

If TTFB doesn't improve, the CDN isn't caching what you think. Check the response headers:

curl -I https://yoursite.com/
# Look for: cf-cache-status: HIT (Cloudflare)
# Or: x-cache: HIT (BunnyNet)
# Or: X-Cache: HIT (Fastly)

When to call a specialist

CDN setup looks simple but configuration mistakes cost performance. We deploy CDNs as part of every speed recovery project, with the WordPress-specific tuning that prevents the common breakages.

CDN setup and tuning typically 2-4 hours. For broader performance work see speed recovery.