After setting up Cloudflare, it is important to configure the SSL mode correctly. The wrong setting can either break your site or leave it insecure.

Cloudflare SSL modes explained

• Off — No SSL. Visitors see an insecure connection. Never use this.
• Flexible — Cloudflare connects to your browser over HTTPS, but connects to your server over plain HTTP. Use this only if your server has no SSL certificate installed.
• Full — Cloudflare connects to both the browser and your server over HTTPS. Your server needs an SSL certificate (self-signed is accepted).
• Full (Strict) — Same as Full, but your server must have a valid (not self-signed) SSL certificate. This is the most secure option and is recommended if you have AutoSSL installed.

Recommended setting for TPC Hosting

Since TPC Hosting provides free SSL via AutoSSL, use Full (Strict):

1. In cPanel, run AutoSSL first to make sure a valid SSL certificate is installed on your domain (Security → SSL/TLS Status → Run AutoSSL).
2. Log in to https://dash.cloudflare.com and select your domain.
3. Go to SSL/TLS → Overview.
4. Select Full (Strict).

Enable Always Use HTTPS

1. In Cloudflare, go to SSL/TLS → Edge Certificates.
2. Enable Always Use HTTPS.
3. Enable Automatic HTTPS Rewrites to fix mixed content warnings.