Auto redirect to https with DNS only subdomian

This only happened on my latest added domain, other old domains are good.

I have checkout setting, no differences, and I also tried to remove domain and add it again, no luck.

I have my Always Use HTTPS disabled.


  1. add subdomain with DNS only (no proxy)
  2. put url into chrome, 307 redirect happens (no cache)

anything else I missed?

A 307 is most likely due to HSTS.

HSTS is disabled

What’s the hostname of that subdomain?

1 Like

I just use random words, like, and use A record to my server

anyone helps

I tried looking at your site and it was very shocking. Are you sure that’s the right hostname for your subdomain?

1 Like

lol, sorry, I thought you just need a example. My domain is

UPDATE: After typing all the below, I see your domain is in the HSTS Preload list, but surprisingly doesn’t have the HSTS header. Your domain isn’t listed here, either:
I don’t know what it would take to refresh that list, as removal from is difficult.

A 307 is most likely an HSTS redirect that has almost nothing to do with Cloudflare. Those other domains probably have full **HSTS enabled in SSL/TLS -> Edge Certificates (include Subdomains).**

This gets you a response header like this:
strict-transport-security: max-age=31536000; includeSubDomains; preload

And a site that’s listed at will trigger a 307 redirect in Firefox immediately. Sites with just the header will trigger a reload after first visit because Firefox will remember that HSTS header.

I checked your domain, and it doesn’t have that header.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.