Yes, Cloudflare Workers will still work even if you switch the SSL/TLS encryption mode to "Flexible" in Cloudflare. However, it’s essential to understand the implications of using the "Flexible" SSL/TLS mode.
In "Flexible" mode, Cloudflare encrypts the connection between the visitor and Cloudflare, but the connection between Cloudflare and your origin server (Webflow in this case) is not encrypted. This means traffic between Cloudflare and your origin server is transmitted over HTTP rather than HTTPS.
Here are some considerations:
-
Security: Using "Flexible" SSL/TLS mode means that the traffic between Cloudflare and your origin server is not encrypted. This could expose sensitive data transmitted between Cloudflare and your server to interception or manipulation.
-
Content Integrity: Without encryption between Cloudflare and your origin server, there is a risk of content being modified in transit by attackers.
-
Mixed Content: If your website serves content over HTTPS (secured) but loads resources over HTTP (unsecured) due to the "Flexible" SSL/TLS mode, it can trigger mixed content warnings in browsers, which may affect the security and user experience of your site.
-
Compliance: Some compliance standards, such as PCI DSS, require end-to-end encryption of sensitive data. "Flexible" SSL/TLS mode may not meet these compliance requirements.
In summary, while Cloudflare Workers will continue to function with "Flexible" SSL/TLS mode, it’s essential to consider the security implications carefully and whether it aligns with your website’s requirements and compliance standards. If possible, using "Full" or "Full (strict)" SSL/TLS mode, where encryption is maintained on your origin server, is generally recommended for improved security and compliance.