Getting Cloudflare to Work with HTTPS and WWW Forcing

I just activated Cloudflare for my website but with Cloudflare activated my website becomes inaccessible due to “too many redirects” which led me to a Cloudflare webpage whose link I’ve had to remove since I’m a new user and am blocked from posting too many links.

Note that I had the following code in my website’s htaccess file to force https and www:

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.mydomain\.com$ [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [L,R=301]

I removed the above code from my htaccess file and my website magically returned to life. So why does Cloudflare fall down over this fairly standard bit of code?

While my website is now accessible, I now have the problem that an http url of mydomain.com/page.html is accepted as being an okay URL and its not

Problem 1: H T T P S
I’m guessing that if I want to force https to be active site wide, all I have to do is turn on the “Always Use HTTPS” option in the SSL/TLS area. Is that correct.

Problem 2: Forcing WWW
I found Cloudflare pages on this but had to delete them since Cloudflare was rejecting my post because of too many links.

So I’m guessing that I must create a Cloudflare rule to force WWW via the Redirect Rules tool. Using the Rules tool:
For Incoming request I specify the following:

Field:  Hostname
Operator: equals
Value: artsnova.com

Then for the URL redirect:

Type: Dynamic
Expression:  concat("https://www.artsnova.com", http.request.uri.path) 
Status Code: 301 
Check "Preserve Query String"

So why dynamic? What’s the difference between dynamic and static?
With respect to expressions, I understand that http.request.uri.path is a variable that contains the path and file name minus the original non-www domain name.

Bottom line: Is this the correct way to use Cloudflare to force all URLs to be of the WWW variety? I’ve saved the rule but have not yet enabled it.

Thanks in advance for your help. Jim.

Sorry to see you had a rocky start, but I am glad that you were able to figure it out.

I removed the above code from my htaccess file and my website magically returned to life. So why does Cloudflare fall down over this fairly standard bit of code?

You SSL setting are likely set to SSL Flexible, which would mean that all traffic was sent from Cloudflare to the origin insecure. The redirect to HTTPS would then be sent to Cloudflare causing the look.

I would recommend setting your SSL to Full Strict, or Full depening on your needs.

Problem 1: H T T P S

Yes this will redirect all requests from HTTP to HTTPS

Problem 2: Forcing WWW

So why dynamic? What’s the difference between dynamic and static

A static redirect allows you to redirect all traffic matching the rule to a specific page. A dynamic rule allows you advanced features like adding the www and maintainig the path.

CJ313

Thanks for the feedback and thanks for the clarification between static and dynamic.
I’ll check into the SSL settings.

As to the redirect rules change I outlined in my original post here, I enabled them about an hour after created this post and everything appears to be working fine - at least based on the limited testing I did with specifying http instead of https and dropping off the www from my domain.

Thanks again for your feedback.

Thanks for the feedback and thanks for the clarification between static and dynamic.
I’ll check into the SSL settings.

Glad I could provide that for you.

As to the redirect rules change I outlined in my original post here, I enabled them about an hour after created this post and everything appears to be working fine - at least based on the limited testing I did with specifying http instead of https and dropping off the www from my domain.

I should have been more clear, you had the right solutions, I was just trying to answer the other questions.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.