If all you did was enable Cloudflare, then you’re likely using Cloudflare’s Flexible SSL system. With Flexible SSL, only the connection between your visitors and Cloudflare is encrypted, the connection between Cloudflare and our servers is not. And because our server doesn’t receive an encrypted connection, this confuses WordPress about whether HTTPS is in use or not, and cause the redirect loop.
There are two ways to fix this.
The most secure option is to use Full SSL in Cloudflare. That way, the connection between Cloudflare and our server is encrypted too, so WordPress can properly detect that HTTPS is being used:
Alternatively, you can keep using Flexible SSL, but then you’ll need to make some changes on the WordPress side so it can properly detect whether HTTPS is use: