Actually I had HSTS enabled and max age was set to 6 months.
I disabled always use https so got issue with many members where cant access the site anymore ( I have all redirect rules from http to https)
Then I disabled HSTS and put SSL to flexible so site went totally Offline.
My question, If I keep HSTS ON and put the max age to Zero, how much time I must wait so that I can totally disable it?
In other words, I dont want to wait these 6 months because I want to disable always use https.
You will have to wait for that long HSTS instructs browsers to connect exclusively via HTTPS for the given period. Only after that directive has expired these browser will consider connecting via HTTP again.
But I will keep using https as I mentioned because I have all redirect rules from http to https are settled.
I only want to disable (always use https in crypto)
So those browsers will not update when we set max age to Zero like 7 days where all members should visit page at least once and then I disable HSTS?
After 10 months of changing my website from http to https and lost all my ranking in google where I did all what they want and not get back my position, I’m a bit sure that the problem is from HSTS because must Disable always use HTTPS so google will figure out that both sites are same (http and https)… Maybe my point is wrong but after 10 months, just yesterday I disabled always use HTTPS then in short I found some pages of my site in google came up to very top at 1st page where they were in 8th page.
Please note that, my ranking and position in google console with http still doing perfect without any clicks and https worse with all clicks I get out to my website.
Assuming your HTTPS setup is proper (on Cloudflare and on your server, both having a valid certificate) it should not affect any search engine ranking at all. If at all, it should improve it.
Instead of disabling HTTPS I’d rather check what the problem might be and fix that. HTTPS might not be required for all types of sites, but it still is a good idea
OK we added Certificate to server side but kindly can u explain why you said both on CF and server side must have SSL certificate knowing that google and members cant see website behind CF? as I know, certificate on server we need if we want to make it full strict mode between CF and server.
Still waiting your kind help and support on my issue.
The point is the data is transmitted from Cloudflare to your server and if you dont have a certificate this renders HTTPS useless and the site will be as insecure as it was before you added it to Cloudflare.