I have turned on Always Use HTTPS under the DNS settings, but my base domain http://agendawatch.org does not redirect to https://agendawatch.org. The HTTP address returns a Connection Reset error in Firefox, while HTTPS version works correctly.
In an attempt to debug, I tried creating a Single Redirect Rule to route http://agendawatch.org → https://agendawatch.org based on the Rules Cheatsheet (https://community.cloudflare.com/t/redirect-rules-beta-cheat-sheet/508780) mentioned in this community post: https://community.cloudflare.com/t/adding-www-and-https-to-a-url/519814/4?u=biglocalnews.service.
Unfortunately this hasn’t resolved the issue. I’ve configured the rule as shown in the image below. Any guidance or advice would be greatly appreciated!
You don’t need the Single Redirect Rule, you just need Always Use HTTPS. Your issue is that your site is unproxied . You need to enable Cloudflare’s proxy under DNS → Records for @ / agendawatch.org record, for any of those settings to apply/work.
Thanks for the speedy reply! Unfortunately the reason we had Proxy turned off is because it is raising a Cloudflare 520 error (see below). Alas, the site is now down completely (not available via HTTP or HTTPS). I tried turning Proxy off (back to DNS-only), but that doesn’t seem to have resolved. So two questions:
If we want to Proxy, it sounds like we need to resolve the 520 error correct? And that would likely be an issue to handle with on Google Cloud Platform, where we host the application?
Does it take a while for the switch to DNS-only to propagate? Our site recently went live and I’m concerned that it may take a while for it to become available again (initital DNS propagation took more than 24 hours)…
Also, your redirect rule is misconfigured. As it is, it will redirect from naked domain to naked domain, causing a loop.
After you solve the 520 error and the DNS records, edit the redirect rule so that it redirects from one URL to another. For the HTTP to HTTPS redirection to work, you can enable Always Use HTTPS, as suggested by @Chaika, or edit the rule so that the condition is that:
Hostname equals example.com
SSL is off.
This way, only requests to HTTP will be redirected.