When I do
curl -v --resolve www.domain.com:443:ip https://www.domain.com
I get the propper response from django
when I do
curl -v --resolve www.domain.com:443:ip http://www.domain.com
I get propper redirection
when I do either of
I get redirection which is wrong. I think CF is redirecting my https to http.
Cloudflare is redirecting https to http to my server, I'm doing vise versa, hence infinite loop error
When I do
It’s not Cloudflare. Your server is configured to redirect everything to HTTPS, but since in your Cloudflare settings you set the connection mode to Flexible, Cloudflare connects via HTTP to the origin getting the 301 redirect each time.
- if the server has HTTPS configured (possibly with a valid certificate) set the SSL setting in the Crypto tab to Full (Strict), Full if the cert is not valid. This is the preferred method.
- remove the redirect server-side, handle it via Cloudflare as it is already doing apparently as well. This could and should be done regardless probably.
I have redirected http to https with nginx. but when I open my domain I get infinite redirects. I believe CF is redirecting https to http
That problem was fixed then but today I sent post requests to my website and got nginx 404 error from CF back so I just got sick of CF and tried to change my DNS to something else but then I thought let’s just disable CDN from CF maybe it will get fixed and again I have the https redirection problem.
From what I can tell it is still the same issue as the one addressed by @matteo. Your HTTPS requests are redirected to HTTPS, most likely becaus they hit your server as HTTP.
yes. and that is because CF is sending the https requests into http requests.
But I have set it to strict (full)
Can you post a screenshot of that, as well as one of your page rules?
In that case it might be the Nginx configuration you referred to. Maybe you are redirecting to HTTPS, regardless of the way the request arrives. Remove that redirect and try again.
I have made no changes to my nginx config.
I had done that yesterday already and it was working.
If you feel comfortable enough revealing your IP address you could do so and someone could have a look at it. Alternatively you could also run a check of your IP address at sitemeer.com and tell me at what time you ran it and I could dig it out of the log.
It actually does
< HTTP/1.1 301 Moved Permanently * Server nginx is not blacklisted < Server: nginx < Date: Tue, 12 Feb 2019 17:07:03 GMT < Content-Type: text/html; charset=utf-8 < Transfer-Encoding: chunked < Connection: keep-alive < Location: https://www.glassacademy.ir/ < x-content-type-options: nosniff < x-xss-protection: 1; mode=block < Strict-Transport-Security: max-age=63072000; includeSubdomains; preload < X-Frame-Options: DENY < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block
but I haven’t misconfigured anything ;(((
Here is my nginx.conf: https://termbin.com/6jsn
here is my sites-enabled(single file in directory) https://termbin.com/bnfc
Here is my django settings.py: https://termbin.com/c6ng
Well, I dont know what else to respond. Your server sends an unconditional redirect. Where that happens is something you need to check in your configuration. Cloudflare is not involved however.