Domain getting redirected to another domain

My domain “smartcaventures (dot) com” is getting redirected to “clickfunnels(dot)com” when the CNAME is proxied on Cloudflare.

If not proxied, it is loading my website at perfectly.

Very strange

Something is indeed strange.

First of all, to clarify the redirect chain, the smartcaventures.com apex domain actually forwards to www.smartcaventures.com first.

That specific redirect might actually be coming from Cloudflare (but I can’t tell for sure); if that’s not a redirect you want, check Page Rules and Bulk Redirects to see where it’s coming from.

After the redirect to www.smartcaventures.com is where it gets weird. In SOME cases, there’s a 302 redirect to clickfunnels.com. But I can tell from the HTTP headers that this redirect is actually coming from the origin server, not being generated by Cloudflare. It has a cookie on it & it’s got all kinds of headers from the server that you wouldn’t see on a Cloudflare-initiated redirect.

HTTP/2 302
date: Sat, 09 Jul 2022 08:28:11 GMT
content-type: text/html; charset=utf-8
location: https://www.clickfunnels.com
cf-ray: 727faf49d9e462ab-ORD
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 5d2db2b7d0dca2efa01feb63ac87318b
x-runtime: 0.202336
set-cookie: __cf_bm=ILUNOPb9XK22l7bvG7a0lSi5g34VK6Zq_qZOf4mZGiw-1657355291-0-AYTx3kRxrZMzRTdUaK8z9hMH7rKSpKzkH78Mx2Kvjmn9MQ78VjNQANAxfVz0Np2rPdfk9jdG/w59YteBhBppEvZIhADDad0R4eVl45kJkepY; path=/; expires=Sat, 09-Jul-22 08:58:11 GMT; domain=.www.smartcaventures.com; HttpOnly; Secure; SameSite=None
server: cloudflare

In order to even see that 302 Redirect with Curl, I had to spoof my user agent to look like a browser. If I run curl normally, I get a 403 Forbidden.

Possible malware on the server?

Where do you have the A records for your apex domain AND your www subdomain pointing to? Are they pointing to the same server? Currently you have the apex domain forwarding to www, is that what you wanted?

Does “Phusion Passenger Enterprise” mean anything to you?

You say the problem goes away when you unproxy the DNS. But which DNS record, the apex domain or the www? Or do you have to unproxy both?
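
As an added example (not part of the original thread), here is a small Python triage of the check described in the reply above: deciding from the response headers alone whether a redirect seen through Cloudflare carries application-server headers. The header names in `ORIGIN_HINTS` and the cookie prefixes are assumptions based on the dump quoted in the thread, and both sample responses are constructed (the first is abbreviated from that dump).

```python
# Added example: heuristic triage of a redirect seen through Cloudflare.
# ORIGIN_HINTS is an assumption drawn from the headers quoted in the thread.
ORIGIN_HINTS = {"x-powered-by", "x-runtime", "x-request-id", "x-rack-cache"}
# Cookies such as __cf_bm are set by Cloudflare itself, so they do not count.
CLOUDFLARE_COOKIE_PREFIXES = ("__cf", "cf_")

# Constructed sample, abbreviated from the response quoted in the thread.
SAMPLE_ORIGIN = """HTTP/2 302
location: https://www.clickfunnels.com
cf-ray: 727faf49d9e462ab-ORD
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-runtime: 0.202336
set-cookie: __cf_bm=CONSTRUCTED; path=/; HttpOnly; Secure
server: cloudflare
"""

# Constructed sample: a redirect with no application-server headers at all.
SAMPLE_EDGE = """HTTP/2 301
location: https://www.example.com/
cf-ray: 0000000000000000-ORD
server: cloudflare
"""

def parse_response(raw):
    """Split a raw header dump into (status code, [(lowercased name, value)])."""
    lines = [l.strip() for l in raw.strip().splitlines() if l.strip()]
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers

def triage_redirect(raw):
    """Collect headers that point at the origin and return a verdict."""
    status, headers = parse_response(raw)
    evidence = []
    for name, value in headers:
        if name in ORIGIN_HINTS:
            evidence.append(name)
        elif name == "set-cookie":
            cookie = value.split("=", 1)[0]
            if not cookie.startswith(CLOUDFLARE_COOKIE_PREFIXES):
                evidence.append("set-cookie:" + cookie)
    location = next((v for n, v in headers if n == "location"), None)
    redirect = status in (301, 302, 303, 307, 308)
    verdict = ("origin" if evidence else "edge-or-unknown") if redirect else "not-a-redirect"
    return {"status": status, "location": location, "evidence": evidence, "verdict": verdict}
```

A verdict of `edge-or-unknown` only means no origin fingerprint was found; an origin that strips its own headers would look the same, so confirm against Page Rules and Bulk Redirects as the reply suggests.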

Thank you for your reply and analysis.

Yes, I have redirected non-www to www with Cloudflare rules.

I previously hosted this site on an AWS EC2 instance, on a Linux Bitnami WordPress instance.

Also, I previously integrated Ezoic with Cloudflare when the site was hosted on AWS, up to 2 days back.
