Feed behind cloudflare ddos protection still does not work with TTRSS. There is similar topic in old forums (https://tt-rss.org/oldforum/viewtopic.php?t=4031). For example you can try rss link http://predb.me/?rss=1 via curl and you’ll get HTTP 503 or HTTP 403 error code. Opening the same URL in web browser works just fine.
tt-rss version: 19.2-9423d72 (shared hosting cpanel, php 7.2, mariadb 10)
[19:53:57/28983] start [19:53:57/28983] local cache will not be used for this feed [19:53:57/28983] last unconditional update request: 2018-11-23 10:01:44 [19:53:57/28983] not using CURL due to open_basedir restrictions [19:53:57/28983] maximum allowed interval for conditional requests exceeded, forcing refetch [19:53:57/28983] fetching [https://www.example.com/categories/feed.rss] (force_refetch: 1)... [19:53:57/28983] fetch done. [19:53:57/28983] source last modified: [19:53:57/28983] unable to fetch: HTTP/1.1 503 Service Temporarily Unavailable 
I was able to mitigate this problem by using PHP lib cloudflare-bypass (https://github.com/KyranRana/cloudflare-bypass). Solution was to put example from https://github.com/KyranRana/cloudflare-bypass/blob/master/examples/curl.php on my hosting server and modify script to take URL parameter from query params.
It would be great if tt-rss would somehow support this scenario natively or via plugin. Going through plugin examples and available hooks in PluginHost I didn’t find anything suitable for feed url manipulation.