[CiPHPerCoder]

> Ok. But if they use Cloudflare, which MITMs traffic, all their users data is in plaintext to Cloudflare.

Using Cloudflare for DNS, and only DNS, doesn't subject you to this.

If you decide to use their reverse proxy features, then sure, the MITM criticism applies.

[leesalminen]

That's optional though, right? IIRC, you could still have SSL termination occur on your end but you lose tons of features which would require CF MiTM.

[CiPHPerCoder]

Yes, that's optional.