Force redirects to www not working properly. Seemingly random issues


#1

Hi folks, I’ve posted a ticket too but wondered if

Hello. My website is hosted with Siteground and yesterday I requested their support to force all url’s to https://www.waynela.com/. It was previously forced to https://waynela.com. Ever since they made the change, I’ve had issues which they are unable to fix.

For example, when I enter the https:// non-www version on Chrome desktop and mobile, the redirection works but when I enter it on Microsoft Edge, I get an error message. I’ve got lots of examples but I’m a newb here and can only post two links but basically, I

I’ve gotten a friend to test my site in Germany and she sees the same intermittent problems too.

The problem is Siteground have done all they can do and suggest the errors have been triggered by Cloudflare SSL.

I’m waiting for Cloudflare to get back to me but was just wondering in the meantime if anyone has come across this issue and how was it resolved?


#2

Here in Italy everything works just fine from the browser, but shows issues with an expired certificate which I sincerely can’t comprehend since I haven’t seen such an issue.

I’ll ping @cloonan, @ryan and @cscharff urgently.

https://www.ssllabs.com/ssltest/analyze.html?d=www.waynela.com&hideResults=on&latest

On another note I would probably move the redirect to a Cloudflare page rule, it would be faster instead of going to the origin.


#3

Thanks @matteo Unfortunately those awesome Siteground guys have been unable to locate the precise problem so it must be quite a unique problem.


#4

Yeah, plus it really seems to be on Cloudflare’s side (which I can’t believe I am saying on this kind of issue, replied to hundreds of similar issues, not once was on Cloudflare’s side).


#5

Hi @la.superstar, I’d agree, this does seem odd. I see the ticket and added some notes. A few questions while we wait for support.

  • Do you see this when you visit the site in incognito mode?
  • Can you clear your cache & cookies and visit the site?
  • Can you share the output from http://waynela.com/cdn-cgi/trace from a machine that sees the intermittent problem?
  • Aside from your colleague in Germany, have you tried a different machine or browser when but on your/the same network?
  • Does this occur on a different internet connection/network?

Will continue to research and I’m sorry you’re having issues with this.

Edit - Have you tried to remove and re-generate the origin certificate? Current thinking is this may be an issue with browser compatibility, https://support.cloudflare.com/hc/en-us/articles/204846347-Which-browsers-are-supported-for-Universal-SSL- but, still digging.


#6

Has the issue been fixed by now? For me it is working in both, Firefox and Chrome.


#7

To me everything was fine by browser, but trying from the command line failed every time.


#8

@sandro the issue is still there. For example on mobile Chrome browser incognito mode, I can see redirect works fine when I enter ‘waynela.com’, but I get an error when I enter ‘www.waynela.com’.


#9

@la.superstar, true. I could just reproduce it with a mobile browser too.

@matteo, I got an expired certificate too

image


From what I could establish so far it seems going straight to https://www.waynela.com does not work and yields the aforementioned certificate error. Going first to the naked domain however (where there is a valid certificate) and then getting a redirect to www does seem to work and I assume that might have to do with how browsers reuse TLS sessions (and the non-www certificate is valid for www too).

These are all wild guesses and I might be completely wrong but at this point I can only hand it over to @cloonan as well :slight_smile:


#10

Yeah it’s for sure a first for me. Never seen a Cloudflare certificate expired.


#11

I remember such issues from earlier but the combination of working and non-working is a first for me too.

And debugging distributed systems is always fun :smile:


#12

hi @cloonan, to answer your questions:

  • Do you see this when you visit the site in incognito mode? Yes the issues occur when I’m using incognito mode whether Chrome desktop, mobile or Microsoft Edge
  • Can you clear your cache and cookies and visit the site? Yes all caches are cleared and the issues remain
  • Aside from your colleague in Germany, have you tried a different machine or browser when but on your/the same network? I’ve used two different a laptop, my desktop (on same network) and two phones on 4g data and the issues are across all devices
  • Does this occur on a different internet connection/network? Yes

I’ve also just disabled and re-enabled Universal SSL and it’s had no effect.

I’ve gotten a generic response from support with SSL information and I’ll need to read the ‘Further Questions’ section (which I can’t find) if I wanted to follow up with them. It’s likely they’ll take a few days to respond.

At this point, I think it’s just easier for me to disable Cloudflare for this site after all, it was performing OK without it.


#13

@cloonan

fl=21f54
h=waynela.com
ip=51.6.66.108
ts=1549360395.58
visit_scheme=http
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=LHR
http=http/1.1
loc=GB
tls=off
sni=off


#14

@la.superstar, can you try to disable universal SSL, wait for 15 minutes, and re-enable it again?


#15

@sandro I just did that for 25 minutes and re-enabled again. No difference I’m afraid :slight_smile:


#16

Noob question but might it work if I set up a new Cloudflare account and connect the site through there?


#17

You never know, but I dont think so to be honest. Something got stuck with your certificate and Cloudflare probably has to fix it manually.


#18

I’ve paused it on the Cloudflare dashboard so now the website works again. Hopefully, they’ll still be able to access what they need if they’re able and willing to fix it but I can’t leave my site broken for days until they do. Thanks for your help everyone!


#19

Well, most of the time they arent, but then there are the few times when they are :smile:


#20

@la.superstar, have you tried to remove and re-generate the origin certificate?