Overview
By default, Hado SEO requires DNS only mode (gray cloud) during initial setup for DNS verification and SSL provisioning. Once your domain is verified and working, you can enable Cloudflare’s proxy (orange cloud) to layer Cloudflare’s security features on top of Hado SEO.Why Enable Cloudflare Proxy?
- DDoS protection from Cloudflare’s network
- Web Application Firewall (WAF) for additional security
- IP masking so your origin IP isn’t exposed via DNS lookups
Hado SEO already includes a global edge network, SSL, and compression. Cloudflare proxy adds a security layer on top, not a performance one.
Prerequisites
- Your domain is already set up in Hado SEO with DNS verified and SSL active
- Your site is loading correctly through Hado SEO
- Your domain’s DNS is managed by Cloudflare
Step-by-Step Setup
Verify Hado SEO is working
Before enabling the orange cloud, confirm everything works:
- Visit your domain in a browser and verify your site loads
- Check your Hado SEO Dashboard shows DNS Configured
- Test with the SEO Bot Crawler Test to confirm prerendering works
Set Cloudflare SSL/TLS to Full (Strict)
This is the most important step. Cloudflare must connect to Hado SEO over HTTPS.
- Go to your Cloudflare Dashboard
- Select your domain
- Go to SSL/TLS in the sidebar
- Set the encryption mode to Full (Strict)
| Mode | Works? | Notes |
|---|---|---|
| Off | No | No encryption |
| Flexible | No | Causes redirect loops |
| Full | Yes | Connects to Hado over HTTPS |
| Full (Strict) | Yes | Best option, validates certificate |
Disable Bot Fight Mode
Cloudflare’s bot management can block search engine crawlers before they reach Hado SEO.
- Go to Security → Bots in the Cloudflare sidebar
- Turn off Bot Fight Mode
- If you have Super Bot Fight Mode (Pro+), ensure Verified Bots are set to Allow
Enable the orange cloud
- Go to DNS → Records
- Click the gray cloud icon next to your A records to toggle it orange
- Save each record
| Type | Name | Value | Proxy Status |
|---|---|---|---|
| A | @ | 137.66.32.95 | Proxied (orange) |
| A | www | 137.66.32.95 | Proxied (orange) |
Verify everything still works
After enabling the proxy:
- Visit your site in a browser
- Run the SEO Bot Crawler Test to confirm prerendering still works
- Check your Hado SEO Analytics over the next 24 hours to confirm bot visits are being tracked
Recommended Cloudflare Settings
Caching
Cloudflare does not cache HTML by default, so bot detection works correctly out of the box. Hado SEO serves different content based on User-Agent (prerendered HTML for bots, passthrough for humans), and since HTML isn’t cached by Cloudflare, each request reaches Hado SEO properly. No changes needed for most sites. If you’ve added custom cache rules for HTML, make sure they don’t interfere with bot-specific responses.Security Settings
| Setting | Recommended | Why |
|---|---|---|
| SSL/TLS Mode | Full (Strict) | Prevents redirect loops |
| Bot Fight Mode | Off | Allows search engine bots through |
| Under Attack Mode | Off (use only during attacks) | Challenges all visitors including bots |
| Browser Integrity Check | On (default) | Safe to keep enabled |
| Always Use HTTPS | On | Matches Hado SEO’s HTTPS enforcement |
Settings to Avoid
Don't enable Under Attack Mode permanently
Don't enable Under Attack Mode permanently
Under Attack Mode shows a JavaScript challenge to every visitor. Search engine bots can’t solve these challenges and will fail to reach your prerendered pages.Only enable this during an active DDoS attack, and disable it afterward.
Don't cache HTML responses
Don't cache HTML responses
If you’ve set up custom Page Rules or Cache Rules that cache HTML (
Cache Everything), Cloudflare may serve a cached human response to a bot (or vice versa).Either exclude HTML from caching or remove Cache Everything rules for your domain.Don't use Cloudflare Workers that modify responses
Don't use Cloudflare Workers that modify responses
Cloudflare Workers that rewrite HTML, inject scripts, or modify headers can interfere with prerendered content and bot detection.If you use Workers, ensure they pass through requests to Hado SEO without modification.
Troubleshooting
Redirect loop (ERR_TOO_MANY_REDIRECTS)
Redirect loop (ERR_TOO_MANY_REDIRECTS)
Cause: Cloudflare SSL/TLS is set to Flexible instead of Full (Strict).Fix: Go to Cloudflare → SSL/TLS and change to Full (Strict).
Bots not being prerendered
Bots not being prerendered
Cause: Cloudflare’s Bot Fight Mode or Super Bot Fight Mode is blocking crawlers.Fix:
- Disable Bot Fight Mode in Security → Bots
- For Super Bot Fight Mode, set Verified Bots to Allow
- Check Cloudflare’s Firewall Events log to see if bots are being challenged
Site loads but analytics show no bot visits
Site loads but analytics show no bot visits
Cause: Cloudflare might be caching HTML or blocking bots silently.Fix:
- Run the SEO Bot Crawler Test to check prerendering
- Check Cloudflare Firewall Events for blocked requests
- Ensure no Cache Everything rules are active for HTML pages
- Wait 24-48 hours since bot visits are not immediate
SSL certificate errors
SSL certificate errors
Cause: Cloudflare can’t validate Hado SEO’s SSL certificate.Fix:
- Ensure SSL/TLS is set to Full (not Full Strict) as a temporary workaround
- Verify your domain’s SSL is active in your Hado SEO dashboard
- If issues persist, temporarily switch back to gray cloud and contact [email protected]
Reverting to DNS Only
If you need to disable Cloudflare proxy:- Go to Cloudflare DNS → Records
- Click the orange cloud icon to toggle it back to gray
- Save each record
- Changes take effect within a few minutes
Cloudflare Pages Integration
Set up Hado SEO with Cloudflare Pages
DNS Setup Guide
DNS configuration for all providers