I’ve recently setup my domain and various endpoints behind Cloudflare.
For some reason, only 5-6% of requests are served over TLS.
The following settings are defined for my domain under SSL/TLS.
- Always Use HTTPS: On
- HTTP Strict Transport Security (HSTS): On
- Minimum TLS Version: TLS 1.2
- Opportunistic Encryption: On
- TLS 1.3: On
- Automatic HTTPS Rewrites: On
Given all of that configuration my understanding is that all traffic should be over TLS (1.2+) except the initial HTTP request that may be redirected.
Some pointers on why this may be happening would be appreciated. Thanks in advance.