Elementor

Elementor scales, accelerates, and secures hosted websites with help from Cloudflare

Elementor was founded in 2016 to empower web creators with the tools to build, launch, and manage websites end-to-end without the need to touch code. The platform now supports over 21 million websites, accounting for 13% of the Internet. With a presence in over 120 countries, their global user base includes companies of all sizes, ranging from SMBs to large enterprises.

Ensuring platform scalability and customer site security

From the day they launched, Elementor partnered with Cloudflare to ensure the scalability, operational efficiency and security they needed to meet the needs of their customers.

According to Chen Levi Elenberg, Elementor’s Director of Hosting and DevOps, “Performance and security are critical in the web hosting industry because they impact the site speed, SEO, conversion rates, and credibility of our customers’ sites.”

With millions of sites now hosted on the platform, the company needed robust security that could scale with their growth.

“We’ve partnered with Cloudflare from day one because we wanted a solution that could handle the scale and provide enterprise-grade security for our customers,” Elenberg explained.

Simplifying web hosting

Cloudflare’s connectivity cloud — which integrates security, connectivity, and developer services into a unified global platform — is a key selling point for Elementor.

“Having one vendor that protects you across all of the different domains requires less maintenance and overhead,” Elenberg said.

Cloudflare is a critical part of Elementor’s mission to offer high-performance, usable web hosting for businesses. SSL for SaaS allows the company to automate the process of managing SSL certificates for their clients’ sites, allowing them to offer SSL certificates for custom domains that automatically renew — with no hassle for Elementor or their customers.

Elementor also uses Cloudflare CDN and Argo Smart Routing to provide the site performance that their customers expect. All of the platform’s traffic is routed through Cloudflare, which uses a combination of caching and optimized routing implemented with Workers, leading to 30% traffic acceleration and 17% latency reduction for their customers' websites.

According to Elenberg, “Cloudflare’s CDN and Argo Smart Routing provide us with the performance aspect that we need for our site.”

Since security is integrated into Cloudflare’s platform, this also means that malicious traffic can be identified and blocked at the network edge, reducing bandwidth utilization and load on Elementor’s services.

Customized caching for dynamic webpages

Additionally, Elementor uses Workers, Cloudflare’s serverless development service, to implement intelligent, custom caching for dynamic content at the network edge.

In addition to the automatic caching of static assets offered by the Cloudflare CDN, Elementor uses Workers to identify and cache dynamic pages that don’t require users to be logged in or have access to the cookies stored on their computers.

“Cloudflare Workers is magic on the edge,” Elenberg enthused. “Everything passes through it at the beginning, so any logic we want to apply can be done up front.”

Reduced DDoS exposure and simplified Zero Trust

Ecommerce sites, like those hosted on Elementor, are frequent targets of cyberattacks. The Cloudflare Application Security suite provides comprehensive, integrated protection, combining traditional WAF detections with protection against advanced threats as part of Cloudflare’s connectivity cloud.

“We host millions of sites that can undergo attacks at any minute,” Elenberg said. “The fact that we have enterprise-grade DDoS protection and bot management helps ensure high availability for our customers’ sites.”

The company also uses Cloudflare Zero Trust to implement Zero Trust access controls for their infrastructure and applications. All of their user workstations have WARP Client installed on their devices, which manages access to their cluster and internal applications based on Zero Trust access controls. With Warp Client, they are able to implement secure, identity-based access to their systems that is intuitive for their developers to use.

Improved operational efficiency and advanced threat prevention

Elenberg points to the integration and various features of Cloudflare’s connectivity cloud as a major source of time and cost savings for the business.

She commented, “SSL for SaaS provides us with the ability to avoid managing certificates at scale, allowing our developers to focus on building new features for our platform.”

In partnership with Cloudflare’s team, Elementor has also developed tailored DDoS protection and WAF rules that block nearly two billion malicious requests each month. These enterprise-grade security benefits are passed on to Elementor’s customers, ensuring the availability and performance of their hosted sites.

What’s next

Elementor is exploring new applications of Cloudflare’s solutions, including expanding their use of Cloudflare Workers and looking into container-focused security solutions.

According to Elenberg, “We look at Cloudflare as a reliable, innovative partner that enables us to offer a solid, performant, and secure solution to our customers.”