The Cloudflare Purge module provides a secure and comprehensive way to purge Cloudflare cache directly from your Drupal site. It uses Drupal's built-in Guzzle HTTP client and supports both modern Bearer Token and legacy API Key authentication methods.

This module replicates the functionality of Cloudflare's Purge Cache API using Drupal's secure HTTP client:

curl -X POST "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/purge_cache" \
 -H "Authorization: Bearer YOUR_BEARER_TOKEN" \
 -H "Content-Type: application/json" \
 --data '{"purge_everything":true}'

Works with Cloudflare's free tier and provides both web UI and Drush command-line interfaces for cache management.

Key Features

Latest Version Highlights

Comprehensive purge operations with Drupal 10.3+ and 11 compatibility!

Purge Operations

Operation Description Plan Required
Purge Everything Clear entire Cloudflare cache for your zone Free
Purge by URL Clear 1-30 specific URLs per request Free
Purge by Cache Tag Clear content by cache tags (up to 30 tags) Enterprise
Purge by Prefix Clear all content under URL prefixes Enterprise
Purge by Hostname Clear all content for specific hostnames Enterprise

Typical Use Cases

Requirements

Installation

Install via Composer (recommended):

composer require drupal/cloudflare_purge
drush en cloudflare_purge

Or install as you would any contributed Drupal module. Visit the Drupal.org module installation documentation for more information.

Optional: For enhanced security, install the Key module:

composer require drupal/key
drush en key

Configuration

Quick Start: Via Admin Interface

Navigate to Configuration → Cloudflare Purge
(/admin/config/cloudflare-purge/credentials)

Configuration Steps:

  1. Choose Authentication Method:
  2. Choose Storage Method:
  3. Enter Credentials:
  4. Save configuration

Auto-Purge Settings (Optional)

Navigate to Configuration → Cloudflare Purge → Auto-Purge Settings
(/admin/config/cloudflare-purge/settings)

Configure automatic cache purging when Drupal cache tags are invalidated:

Note: Automatic tag-based purging requires a Cloudflare Enterprise plan.

Creating Cloudflare Credentials

For Bearer Token (Recommended):

  1. Log into your Cloudflare dashboard
  2. Go to Profile → API Tokens → Create Token
  3. Use "Edit zone DNS" template or create custom token
  4. Set permission: Zone → Cache Purge → Purge
  5. Select your zone(s)
  6. Create and copy the token (shown only once!)

Finding Zone ID:

Enhanced Security: Key Module Integration

The Key module allows you to store credentials outside of the database using secure providers:

Available Key Providers:

Setup with Key Module:

  1. Install the Key module: composer require drupal/key && drush en key
  2. Navigate to Configuration → System → Keys (/admin/config/system/keys)
  3. Create keys for:
  4. Go to Cloudflare Purge configuration
  5. Select "Secure key input" as storage method
  6. Select your keys from the dropdowns
  7. Save configuration

Benefits of Key Module:

Production Deployment: settings.php Override

In production environments, store credentials in settings.php:

Important: You must provide a complete set of credentials:

Bearer Token Example (Recommended):

$settings['cloudflare_purge_credentials'] = [
  'zone_id' => 'your-zone-id-here',
  'bearer_token' => 'your-bearer-token-here',
];

Legacy API Key Example:

$settings['cloudflare_purge_credentials'] = [
  'zone_id' => 'your-zone-id-here',
  'email' => 'your-email@example.com',
  'authorization' => 'your-global-api-key-here',
];

Environment Variables Example:

// Load from environment
if (isset($_ENV['CLOUDFLARE_ZONE_ID'])) {
  $settings['cloudflare_purge_credentials'] = [
    'zone_id' => $_ENV['CLOUDFLARE_ZONE_ID'],
    'bearer_token' => $_ENV['CLOUDFLARE_BEARER_TOKEN'],
  ];
}

Benefits of settings.php:

Credential Resolution Priority

The module uses a three-tier system for resolving credentials:

  1. settings.php – Highest priority, always wins (production recommended)
  2. Key module – If installed and configured (enhanced security)
  3. Plain text config – Database storage (quick setup, backward compatibility)

Usage

Web Interface

Navigate to Configuration → Cloudflare Purge:

Note: Purge forms are disabled until credentials are configured. A warning message with a link to the credentials page will be displayed.

Drush Commands

# Purge all cache
drush cloudflare:purge-all
drush cf-purge-all    # alias
drush cfpa            # short alias

# Purge specific URL(s)
drush cloudflare:purge-url https://example.com/page
drush cf-purge-url https://example.com/a https://example.com/b
drush cfpu "https://example.com/a,https://example.com/b"

# Purge by cache tags (Enterprise)
drush cloudflare:purge-tags node-123 taxonomy-term-45
drush cf-purge-tags "product-1,product-2,product-3"
drush cfpt node-123

# Purge by prefix (Enterprise)
drush cloudflare:purge-prefixes https://example.com/blog/
drush cf-purge-prefixes "https://example.com/products/,https://example.com/images/"
drush cfpp https://example.com/blog/

# Purge by hostname (Enterprise)
drush cloudflare:purge-hostnames www.example.com cdn.example.com
drush cf-purge-hosts "images.example.com,static.example.com"
drush cfph cdn.example.com

# Check configuration status
drush cloudflare:status
drush cf-status
drush cfs

Example output:

$ drush cloudflare:purge-url https://example.com/node/1
 [success] Successfully purged 1 of 1 URL(s).

$ drush cloudflare:status
 [success] Cloudflare credentials are configured.

Permissions

Configure at People → Permissions:

Cloudflare API Limits

Limit Type Value
URLs per request 30
Cache tags per request 30
Prefixes per request 30
Hostnames per request 30
API calls (Free tier) 1,000/day

The module automatically batches larger requests when using Drush commands.

Security

Troubleshooting

Check Drupal Logs

If purging fails, check Reports → Recent log messages for entries from the cloudflare_purge channel.

Common Issues

"Cloudflare credentials are not configured"

Form submit button is disabled

Incomplete credentials warning

Key module "Secure key input" not showing

API call fails

Tag/Prefix/Hostname purging fails

Auto-purge not working

Resources

Legal Disclaimer

This module has not been built, maintained, or supported by Cloudflare, Inc. This is an independent open-source project with no official association with Cloudflare, Inc. The module uses Cloudflare's public API under their terms of service.

Cloudflare® is a registered trademark of Cloudflare, Inc.

back to top ☝️

Alaa Haddad

Developed & Designed By: Alaa Haddad

A Personal Thank You for Your Support

Every project you see here, including this one, reflects countless hours of work driven by my passion for making Drupal better for everyone. Your support truly makes a difference, and there are a few simple ways you can help these projects grow and reach others who might benefit:

W3CSS Theme (d8w3css) - Solo - W3CSS Paragraphs - Paragraphs Bundles - Amun - Amunet - Anhur - Acquia Purge Varnish - Cloudflare Purge - Reference Blocked Users - Solo Copy Blocks - Solo Utilities - PB Import - VVJA - Accordion - VVJC - 3D Carousel - VVJB - Basic Carousel - VVJF - 3D FlipBox - VVJH - Hero - VVJL - Lightbox - VVJP - Parallax - VVJR - Reveal - VVJS - Slideshow - VVJT - Tabs - Module Matrix - Selectify - Utilikit

If you have any questions, ideas, or feedback about my Drupal.org projects, I’d love to hear from you! To keep things open and helpful for the entire community, I encourage you to post directly in the project's issue queue on Drupal.org. This way, your questions and the answers can benefit others who may have the same needs.

At the end of the day, my goal is to make Drupal easier and more enjoyable for everyone, especially small businesses and site builders who want to create professional sites without extra hassle. Together, we can build something even better. Thank you for your support, and for being part of this journey!