This question has been answered by nickf08. See the first response.
#prevent viewing of htaccess file <FILES .htaccess> order allow,deny deny from all </FILES> #prevent access to any sql file <Files ~ "\.sql$"> Order allow,deny Deny from all </Files> #prevent viewing of .ini files <Files *.ini> order deny,allow deny from all </Files> ServerSignature Off Options -Indexes +FollowSymlinks AddDefaultCharset utf-8 RewriteEngine on RewriteBase / #exclude /assets and /manager directories and images from rewrite rules RewriteRule ^(manager|assets)/.*$ - [L] RewriteRule \.(jpg|jpeg|png|gif|ico)$ - [L] #rewrite URLs to make Search Engine Friendly RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
<base href="[(site_url)]">
Yes, correct, cloudflare is back on (on purpose). Thanks for checking though.
This doesn't have anything to do with Cloudflare, definitely a server (or less likely an Evo) thing. I have changed Evo sites to https successfully before whilst still on cloudflare and it had no bearings in those instances.
ps can you please remove that link to the site. The SEO team doesn't want any extra links floating around. I will edit my post with the links once resolved. Thanks Andy.