Use clouflare with ssl, login to cludflare account - make sure DNS is cloudfare for your domain.
1. go to -> Your SSL/TLS encryption mode is Full
2. choose -> Full "Encrypts end-to-end, using a self signed certificate on the server".
full explanation of each future for hep section:
What SSL setting should I use?
This setting controls how Cloudflare’s servers connect to your origin for HTTPS requests. We recommend enabling the Full SSL (Strict) setting if possible. Common use cases for each are:
Off: No visitors will be able to view your site over HTTPS; they will be redirected to HTTP.
Flexible SSL: You cannot configure HTTPS support on your origin, even with a certificate that is not valid for your site. Visitors will be able to access your site over HTTPS, but connections to your origin will be made over HTTP. Note: You may encounter a redirect loop with some origin configurations.
Full SSL: Your origin supports HTTPS, but the certificate installed does not match your domain or is self-signed. Cloudflare will connect to your origin over HTTPS, but will not validate the certificate.
Full (strict): Your origin has a valid certificate (not expired and signed by a trusted CA or Cloudflare Origin CA) installed. Cloudflare will connect over HTTPS and verify the cert on each request.