Flexible - SSL/TLS encryption modes
Setting your encryption mode to
Flexible makes your site partially secure. Cloudflare allows HTTPS connections between your visitor and Cloudflare, but all connections between Cloudflare and your origin are made through HTTP. As a result, an SSL certificate is not required on your origin.
Choose this option when you cannot set up an SSL certificate on your origin or your origin does not support SSL/TLS.
Depending on your origin configuration, you may have to adjust settings to avoid Prerequisites or Mixed Content errors . redirect loops
To change your encryption mode in the dashboard:
Log in to the and select your account and domain. Cloudflare dashboard Go to SSL/TLS. Choose an encryption mode.
To adjust your encryption mode with the API, send a
request with the
value parameter set to your desired setting (
Flexible mode is only supported for HTTPS connections on port 443 (default port). Other ports using HTTPS will fall back to
. Full mode
If your application contains sensitive information (personalized data, user login), use
or Full modes instead. Full (Strict) does not work when your Authenticated Origin Pull is set to SSL/TLS encryption mode Off or Flexible.