WP Engine
Cloudflare partners with WP Engine to provide WP Engine customers’ websites with Cloudflare’s performance and security benefits.
If you use WP Engine and also have a Cloudflare Enterprise plan, you can use your own Cloudflare Zone to proxy web traffic to your Zone first, then WP Engine’s (the SaaS Provider) Zone second. This configuration option is called Orange-to-Orange (O2O).
Benefits
O2O’s benefits include applying your own Cloudflare Zone’s services and settings - such as WAF, Bot Management, Waiting Room, and more - on the traffic destined for your WP Engine environment. How it works
For more details about how O2O is different than other Cloudflare setups, refer to How O2O works.
Enable
You can only enable O2O on the Cloudflare Enterprise plan.
To enable O2O on your account, create a CNAME
DNS record.
Type | Name | Target | Proxy status |
---|---|---|---|
CNAME | <YOUR_HOSTNAME> | xx.wpewaf.com (Global Edge Security)OR xx.wpenginepowered.com (Advanced Network) | Proxied |
Product compatibility
When a hostname within your Cloudflare Zone has O2O enabled, you assume additional responsibility for the traffic on that hostname because you can now configure various Cloudflare products to affect that traffic. Some of the Cloudflare products compatible with O2O are:
For a full list of compatible products and potential limitations, refer to Product compatibility.
Additional support
If you are a WP Engine customer and have set up your own Cloudflare Zone with O2O enabled on specific hostnames, contact your Cloudflare Account Team or Cloudflare Support for help resolving issues in your own Zone.
Cloudflare will turn to WP Engine if there are technical issues that Cloudflare cannot resolve.
Resolving SSL errors
If you encounter SSL errors, check if you have a CAA
record.
If you do have a CAA
record, check that it permits SSL certificates to be issued by digicert.com
and letsencrypt.org
.
For more details, refer to CAA records.