@sheogorath @tootapp That doesn't really solve the problem. CloudFlare is still MITMing your connection regardless. But instead of blindly trusting your server's certificate, it will check it.

User's data is still vulnerable. Completely unacceptable.