I'm just happy the site is back up.
If we are behind cloudflare now, can we enable at least the fake ssl cert? It may not provide full protection but at least you will have something between users and cloudflare.
Edit: nevermind it is enabled, forgot to install the https everywhere plugin