Skip to content
  • Bitcoin accepted
  • MMonero accepted
  • DMCA-resilient
  • Anonymous signup
  • ΞEthereum accepted
  • No KYC
  • 99.99% uptime
  • 24/7 support
  • 7-day money-back
  • Provisioned in < 5 min
  • Iceland · Switzerland · Netherlands
  • USDT accepted
Bitcoin accepted. Monero accepted. DMCA-resilient. Anonymous signup. Ethereum accepted. No KYC. 99.99% uptime. 24/7 support. 7-day money-back. Provisioned in under 5 minutes. Iceland, Switzerland, Netherlands. USDT accepted.
SilentHosts
Get started
Networking & DNS5 min readUpdated 2026-04-30

Put Cloudflare in front of your VPS

Free CDN, DDoS layer, and DNS — Cloudflare proxying makes your VPS faster and harder to attack.

Cloudflare's free tier is a no-brainer for any internet-facing VPS. It absorbs DDoS, caches static assets, and adds TLS without extra config. Setup takes 10 minutes.

1. Create a free Cloudflare account

Sign up at cloudflare.com. The free tier covers most of what a VPS needs.

2. Add your domain

In the dashboard: Add a Site → enter example.com. Cloudflare scans your existing DNS records.

3. Update nameservers

Cloudflare gives you 2 nameservers (e.g. lin.ns.cloudflare.com, ben.ns.cloudflare.com). Set these in your registrar's nameserver panel. Propagation takes 5-30 minutes.

4. Enable proxy on A/AAAA records

In Cloudflare's DNS panel, click the gray cloud next to your A and AAAA records to turn them orange. Orange = proxied through Cloudflare. Now your VPS IP is hidden from public DNS, and Cloudflare absorbs DDoS at the edge.

5. SSL/TLS mode

Cloudflare → SSL/TLS → set mode to 'Full (strict)'. This requires your VPS to serve a valid TLS certificate (use Let's Encrypt — see /kb/lets-encrypt-ssl). Anything less than 'Full (strict)' is downgrade-attack-vulnerable.

Tighten your VPS firewall

After Cloudflare is in front, only Cloudflare IPs should reach your origin. Restrict ports 80/443 in ufw to Cloudflare IP ranges (https://www.cloudflare.com/ips/). This stops attackers from finding and bypassing Cloudflare.

Related articles

Configure DNS for a domain pointing to your VPS

A and AAAA records for IPv4/IPv6, MX for email, and the basic A→VPS pattern.

Read

Get a free TLS certificate with Let's Encrypt

Install certbot, issue a cert, and auto-renew — your site speaks HTTPS in 5 minutes.

Read

Firewall basics with ufw

Default-deny inbound, allow only what you need. Standard ufw rules for a typical web VPS.

Read
All articlesStill stuck? Open a ticket

Deploy your first offshore server in 60 seconds.

Anonymous signup. Bitcoin & Monero accepted. Provisioned across 8 jurisdictions.

Get startedTalk to sales

No credit card required · 7-day money-back guarantee