WHEN THEY PERFORM THE CHECK. But by design cloudflare routes "proxied" your traffic through their servers before. Their certificates. They have 5 levels: - Off (no SSL) - flexible (MITM and the server gets no SSL request) - full (MITM, your server gets SSL requests) - full strict (MITM and they enforce the MITM) - strict (MITM)

"I have all this data, but don't worry when I check the passwords I only look at the hashed data!"

Lol, yeesh, I need to research them more. I just self-host so much of my shit I almost forget how much people trust nameless faceless orgs with their data.