Off (no encryption)
Setting your encryption mode to Off (not recommended) redirects any HTTPS request to plaintext HTTP.
flowchart LR
accTitle: No SSL/TLS Encryption
accDescr: With an encryption mode of Off, your application does not encrypt traffic between the visitor and Cloudflare or between Cloudflare and your server.
A[Browser] <--Unencrypted--> B((Cloudflare))<--Unencrypted--> C[(Origin server)]
Cloudflare does not recommend setting your encryption mode to Off.
To change your encryption mode in the dashboard:
- Log in to the Cloudflare dashboard ↗ and select your account and domain.
- Go to SSL/TLS.
- Choose an encryption mode.
To adjust your encryption mode with the API, send a PATCH request with ssl as the setting name in the URI path, and the value parameter set to your desired setting (off, flexible, full, strict, or origin_pull).
When you set your encryption mode to Off, your application:
- Leaves your visitors and your application vulnerable to attacks ↗.
- Will be marked as “not secure” by Chrome and other browsers, reducing visitor trust.
- Will be penalized in SEO rankings ↗.
When you set your SSL/TLS encryption mode to Off, you will not see the options for Always Use HTTPS or Onion Routing.
Authenticated Origin Pull does not work when your SSL/TLS encryption mode is set to Off or Flexible.