… or else I misunderstand it. I’m hosting a few sites that use Cloudflare; all have valid SSL certificates, all have Always Use HTTPS turned on. Some of them do not redirect to HTTPS. Some of them do. Some of the ones that do seem to do it stealthily; in Safari, for example, the lock won’t appear in the URL bar, but the site is in fact resolving to HTTPS.
All of the sites will resolve to https if I enter the https url manually. Of the ones that won’t, I’ve tried forcing them with .htaccess, but they remain http.
Is there any logic to how this feature works? What could I be missing?