I’ve got two domains setup at CF: example.org and example.com. Both have A records pointing to origin server IPs (2x each, one A record for
@ and one for
www). Then I have a catchall page rule (redirect) for all non-WWW to WWW HTTPS.
example.com/* Forwarding URL (Status Code: 302 - Temporary Redirect, Url: https://www.example.com/$1)
This is all working as expected.
Now I also have some legacy software (desktop applications) that need to access two URLs without HTTPS (and I can’t change the desktop software, eg they can’t follow HTTPS redirects). I’ve set up these two URLs with page rules to turn SSL off:
http://www.example.com/version.txt SSL: Off http://www.example.com/formdata SSL: Off
Hoping that any requests to
http://www.example.com/formdata would not be redirected to HTTPS, but they are. I have this page rules above (in the ordered list) the catchall redirect.
Other details are that I’ve got both A records for the COM domain proxied (not sure if this is correct, and I’ve tested turning the orange proxy off for non-WWW).
The ORG domain is not really that relevant here except to say that I have a
proxy_pass on my origin Nginx server to pass through requests to
/formdata (COM → ORG) where I’ve got an app running on another origin server elsewhere. That part seems to be working on its own but the requests to HTTP URLs mentioned above are still getting redirected to HTTPS.
Note that I’ve got no origin server HTTPS enforcement at all. My Nginx server block is only listening on port 80. The Django app that serves the website doesn’t have any HTTPS enforcement either, so I’m thinking CF is doing this.
Any ideas, thoughts?
In my somewhat frantic attempt to resolve this over the last couple days, I’ve tried variations of several things, but I think those various config changes are not tested enough to write here. The use case above is well tested and has been configured for 15-20 hours.