Pantheon Community

Tips for making site traffic stats more accurate


Kyle Taylor reached out to me on Slack and worked with me to get setup on Cloudflare.

As of a moment ago I am setup there ($20 plan) and he wrote some blocking rules. Will see how it looks over the next week.

He did this with me a sort of a guinea pig to help update docs so that others can more easily do it on their own.

I will post back here to let you know how it works. I will create my own Google doc to show you my settings.

The only glitch in moving over was it took 15 minutes or so for the SSL to get up on Cloudflare, so site was down then. Probably there is a way to pre-provision that.


Hi, all—thanks again, as always, for sharing your concerns here. We continue to listen closely and are working to get answers for you, as well as developing some resources to help out.

At this time, we’re reviewing on a case-by-case basis. If you’d like us to take another look at a specific plan, please hit reply on the email you received.

If you have done that and weren’t able to get the answers you wanted, please drop me a private message on the forums with your site details & I’ll coordinate another look for you.

How to send a private message: click my user image & then click the “Message” box:

I also wanted to mention that I unset the selected solution–I’m trying to make sure that selected answers lead folks to actionable results.

1 Like


Sorry to not have updated here sooner. Putting Cloudflare in front is working great. There are two parts to this:

  1. Hook up Cloudflare to your Pantheon site. That is relatively simple and inexpensive ($20/month). It does require that you run your DNS through Cloudflare, which may not be an option if you only need to do this on a subdomain and do not want to move DNS for the main domain.

  2. Write Firewall Rules to block what needs to be blocked. That looks easy to do in Cloudflare, but how exactly how to determine what IPs and/or user agents should be blocked I am not sure (I got help from Pantheon with it).

Don’t know enough yet about how to do #2 to explain it. It involves getting the Pantheon log files and looking to see what is attacking and then blocking the right things in the Firewall Rules. I will try to understand this better and come back with more.

1 Like

Just dropping back in here to note that it’s been many months, and as far as I can tell there has been no substantial movement or communication from Pantheon regarding any further tools, workarounds, or support on this issue. Anything that would show that Pantheon “values it’s non-profit clients”, the notional CDN traffic dashboard… no-shows all around.

It’s a real bummer, because before this started we recommended Pantheon to every Drupal and Wordpress client as a reliable service with great dev tools and customer support. Now as a developer I need to go work up hosting estimates for every new client because my project managers are tired of writing “bad news, Pantheon is reaching into your pocket” emails every month, and I don’t blame them.

Anyway, I’m beyond hope that something will change at this point, just registering the fact that Pantheon is losing business because of the way all this was handled, and furthermore left a very bitter taste in several mouths.

1 Like

Thank you so much for saying this. I agree 100%. The only reason I stopped posting on this thread is that I have given up on Pantheon. I’ve tried personal back channels, etc. and it’s just a lot of runaround that puts the blame on us for the weird, unaccountable way they account for site traffic.

I also used to refer people to them frequently for years. It’s really kind of heartbreaking. This used to be such a great tool for us, and I know there are a lot of good people behind it. But we just can’t live with the ridiculous pricing and the lack of consideration for smaller users.

I’m hoping that something like DDEV or DevShop will grow into a viable alternative. The only reason we haven’t left Pantheon already is that we have a big migration from D7 coming up and I can just start that project on a new host.