My site (https://www.courio.com) has been using CloudFlare with Flexible SSL for quite a while, but just a few minutes ago it started not redirecting HTTPS requests to HTTP on my server. HTTP works fine though. I’ve confirmed my server is up and I haven’t changed any settings. It seems like CloudFlare’s HTTPS -> HTTP forwarding stopped working. Has anyone else seen this?
Looks OK from here:
% curl -s -o /dev/null --dump-header - http://www.courio.com 2>&1 | grep -E 'HTTP|Location' HTTP/1.1 301 Moved Permanently Location: https://www.courio.com/
Are you using the “Always Use HTTPS” from the SSL/TLS settings tab? Do you have an example URL where this is not working? I’m presuming you did not your site for testing, or override DNS with a hosts file entry.
I do have “Always Use HTTPS” (just turned it off), but I’m unable to access the site from HTTPS anymore. After switching I’m able to access from HTTP though. It seems obvious a screw up or change on CloudFlare’s side as I’ve changed nothing, but I’m not sure what to do about it.
If you share a URL the community can have a look.
They both look OK to me, returning a 200 status for a document with the same last modified and content.
I did see one strange thing, that somebody like @cloonan might be able to look at. I made a few different cUrl requests. The one below has an unusual Server header following the H2 upgrade. I have never seen an origin server header get displayed. @matt72 is your origin doing anything unusual, or is it just a plain old, standard config web server? ().
% curl -s -o /dev/null --dump-header - http://www.courio.com --http2 HTTP/1.1 101 Switching Protocols Date: Fri, 17 Jan 2020 22:13:22 GMT Connection: upgrade Set-Cookie: <snip> CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 556bad0f5c85a669-XXX HTTP/2 200 content-encoding: gzip last-modified: Tue, 29 Oct 2019 16:01:17 GMT server: youi content-length: 1446 content-type: text/html accept-ranges: bytes date: Fri, 17 Jan 2020 22:13:22 GMT
Well, it seems to be working fine again…no idea why it stopped though. Very concerning.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.