Enable SSL/TLS recommendations
To enable SSL/TLS recommendations:
- Log in to the and select your account and application.
- Navigate to SSL/TLS.
- For SSL/TLS Recommender, switch the toggle to On.
Manually trigger a new scan
Once you enable it, the recommender runs future scans periodically — typically every two days — and sends notifications if new recommendations become available.
How it works
Once enabled, the SSL/TLS Recommender runs an origin scan using the user agent
Cloudflare-SSLDetector and ignores your
robots.txt file (except for rules explicitly targeting the user agent).
If so, it will send the zone owner an email with the recommended option and add a Recommended by Cloudflare tag to that option on the SSL/TLS page. You are not required to use this recommendation.
The SSL/TLS Recommender is not intended to resolve issues with website or domain functionality. It will not be able to complete its scan and show the Recommended by Cloudflare tag if:
- Your domain is not functional.
- You block all bots.
- You have any active, SSL-specific Page Rules.