diff --git a/HTTP_Headers.md b/HTTP_Headers.md
index b127dd7..8732f5f 100644
--- a/HTTP_Headers.md
+++ b/HTTP_Headers.md
@@ -2,7 +2,7 @@
 
 # User Specified Custom HTTP Headers
 
-Principally for those who use Home Assistant add-on [Cloudflared](https://github.com/brenner-tobias/addon-cloudflared) in order to provide additional security via Cloudflare's Web Application Firewall (WAF). But the solution is generic enough for other use cases.
+Principally for those who use Home Assistant add-on [Cloudflared](https://github.com/brenner-tobias/addon-cloudflared) in order to provide additional security via Cloudflare's Web Application Firewall (WAF). But Garmin does not support certificates in requests. And the solution is generic enough for other use cases.
 
 Please let us know if this solution is found to be useful for other situations.
 
@@ -14,6 +14,12 @@ The settings contain two options for users to specify both the HTTP header name
 
 If you don't know why you need these, leave them empty and ignore.
 
+### Cloudflare WAF rule example
+
+`(any(http.request.headers["your-header-name"][*] eq "your-header-key"))`
+
+Make the key strong enough!
+
 ## Support
 
 **None!**
diff --git a/README.md b/README.md
index 27bed3b..a694284 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,8 @@ The application is designed around a simple scrollable menu where menu items hav
 > [!IMPORTANT]
 > The Garmin SDK allows HTTP requests only to a limited number of domains specified in their app. Therefore, for your Garmin to communicate with your Home Assistant instance, your Home Assistant instance must be accessible via HTTPS (with a public certificate!) or through a local DNS server that overrides one of the whitelisted domains to communicate using HTTP.
 >
+>New with version 3.1, you can use [Cloudflared](https://github.com/brenner-tobias/addon-cloudflared) plug-in in combination with a [custom HTTP header](HTTP_Headers.md) and do not need a public certificate for HTTPS.
+>
 > To make your Home Assistant instance accessible via HTTPS, you will need a public certificate. You can get one for free from [Let's Encrypt](https://letsencrypt.org/) or you can pay for [Home Assistant cloud](https://www.nabucasa.com/). (You can install a local [Nginx proxy server](https://my.home-assistant.io/redirect/supervisor_addon/?addon=a0d7b954_nginxproxymanager) to manage Let's Encrypt certificates.)
 >
 > If you use a local DNS server (like [Pi-Hole](https://pi-hole.net/)), you can create a local DNS record for the domain `garmincdn.com` (which is allowed for HTTP in the Garmin SDK) and map it to your Home Assistant instance's IP. "_[About Communication Between Garmin SDK and a Raspberry Pi](https://www.instructables.com/About-Communication-Between-Garmin-SDK-and-a-Raspb/)_" provides additional workarounds for HTTP request restrictions in the Garmin SDK.