Make it fast and safe

Going live isn't just "it loads" — it has to be fast and safe. Two free, layered passes of Cloudflare settings did both, and the nice part is every request is checked at the edge before it ever reaches the site.

Safe. A request is forced onto HTTPS (TLS Full strict, so both legs are encrypted), screened by the WAF + Bot Fight Mode, met by a Turnstile only on the contact form, and finally handed a strict CSP plus the usual security headers. One quiet hero: a CAA record, so the HTTPS certificate's automatic renewal can never silently break (the failure nobody sees coming until the padlock breaks for everyone).

Fast. Cache headers in _headers + the Cloudflare CDN mean most requests are answered by a copy near the visitor — hashed assets cached for a year, the HTML shell kept fresh within five minutes of a deploy. Instant on repeat visits, and almost free to serve.

The full how-to is split in two: Fast, safe SSL & security on the edge → and HTTP caching on Cloudflare's CDN →.