diff --git a/README.md b/README.md
index 45d3049..dbeb9e3 100644
--- a/README.md
+++ b/README.md
@@ -48,13 +48,13 @@ label:
 - "traefik.http.routers.service-name.entrypoints=websecure"
 ```
-Besides the entrypoint setup, I add cloudflare proxy (for exposing real ip to access.log for crowdsec to read), crowdsec-firewall-bouncer, compression with brotli middlrewares method in traefik.yml and dynamic.yml
+Besides the entrypoint setup, I add CrowdSec firewall bouncer plus a compression middleware (brotli/gzip/zstd) defined in `dynamic.yml`. Cloudflare’s IP ranges are injected directly into `traefik.yml` by a helper script, so no extra plugin middleware is required anymore.
 Adding middlewares is also guided by labels:
 ```yaml
 label:
- - "traefik.http.routers.service-name.middlewares=cloudflarewarp@file,crowdsec@file,compress-middleware@file"
+ - "traefik.http.routers.service-name.middlewares=crowdsec@file,compress-middleware@file"
 ```
 The order of middlewares is meaningful.
@@ -73,7 +73,7 @@ labels:
 - "traefik.http.routers.ghost.rule=Host(`blog.gbanyan.net`)"
 - "traefik.http.services.ghost.loadbalancer.server.port=2368"
 - "traefik.http.routers.ghost.tls.certresolver=letsencrypt"
- - "traefik.http.routers.ghost.middlewares=cloudflarewarp@file,crowdsec@file,compress-middleware@file"
+ - "traefik.http.routers.ghost.middlewares=crowdsec@file,compress-middleware@file"
 - "com.centurylinklabs.watchtower.enable=true"
 - "traefik.docker.network=traefik_default"
 ```
@@ -91,6 +91,6 @@ PS: Because I access my traefik dashboard through my local network. I commented
 2. ChangeLog:
 - 2025.4.21 Add the defaulthost rule for container name for lazy writing. But commented out for precision.
-- 2025.4.21 Fix the trused IP settings to let the traefik-plugin-cloudflare tackle it.
+- 2025.4.21 Fix the trusted IP settings; later replaced by an internal updater instead of the traefik-plugin-cloudflare.
 - 2025.4.18 Add Souin HTTP Cache Middleware (in feature branch, not merge into main)
-- 2025.4.18 Temp disable the compression middleware. It has MIME type bugs.
\ No newline at end of file
+- 2025.4.18 Temp disable the compression middleware. It has MIME type bugs.
diff --git a/dynamic.yml b/dynamic.yml
index 534497a..c225477 100644
--- a/dynamic.yml
+++ b/dynamic.yml
@@ -4,12 +4,6 @@ http:
 headers:
 customRequestHeaders:
 Host: "" # This will catch requests with no Host header or invalid ones
- cloudflarewarp:
- plugin:
- cloudflare:
- trustedCIDRs: []
- overwriteRequestHeader: true
- debug: false
 crowdsec:
 plugin:
 bouncer:
@@ -51,4 +45,4 @@ http:
 qbit:
 loadBalancer:
 servers:
- - url: "http://192.168.50.4:8083"
\ No newline at end of file
+ - url: "http://192.168.50.4:8083"
diff --git a/traefik.yml b/traefik.yml
index 3f7ec95..fb62f43 100644
--- a/traefik.yml
+++ b/traefik.yml
@@ -129,9 +129,6 @@ metrics:
 experimental:
 plugins:
- cloudflare:
- moduleName: github.com/agence-gaya/traefik-plugin-cloudflare
- version: v1.2.0
 bouncer:
 moduleName: github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin
 version: v1.4.2