You can still use httpS://ipaddress:7080 to access the webadmin. If you want to visit it by domain, you can set up another virtual host for ls01.xxx.com without proxy, since Cloudflare does not allow port 7080 to pass through.
Just create a normal VH with a valid domain, then you can access it with port 7080.
A warning should be fine, because it uses a self-signed certificate by default, accept it and you should be able to proceed it.
It should only redirect to https, no redirect to http feature, so I am not sure why you have such an issue. If you can reproduce it on an incognito browser, please share it with us through firstname.lastname@example.org