How to make part of a website available with HTTP?

I have setup a website with cloudflare.
Let’s call it “somewebstite.com”.
The website is old and I need to use WAF. All works fine.
somesite.com” is proxied and works with SSL/TSL encryption mode “Full”.

However, I need part of the website being reachable by HTTP instead of HTTPS.
http://somesite.com/special should not be forwarded to https://somesite.com/special.

Sure, I can add a new subdomain special.somesite.com and do not enable proxy. I could than connect to http://special.somesite.com/special.
But WAF and such would not apply, I believe.

Anyway, how can I achieve that I can connect to

Thanks for any hint.

Dan

Update:
I tried Rules->Configuration Rules and created a rule (URI Full) for http://somesite.com/special, switched off “Automatic HTTPS Rewrites” and hoped for the best. Unfortunately, the URL is still being rewritten to https. I am using Firefox with “HTTPS-Only Mode” = disabled (dom.security.https_only_mode = false).
I tried also Page Rules… no luck…

Enusre you have a valid SSL certificate on the origin and use “Full (strict)” to ensure you are fully secure end-to-end.

Then for the HTTP only section…

Make sure “Always use HTTPS” is off and aim to get the whole site available on HTTP when using http:// and HTTPS when using https:// (so everything is clean and you are sure no redirects http<>https are happening).

Use Private/Incognito mode on the browser to ensure that any redirects http<>https aren’t cached there.

Then add redirect rules to:

  1. Redirect anything that is not http://example.com/special to HTTPS.
  2. Redirect https://example.com/special to HTTP.

Redirect rules here…
https://dash.cloudflare.com/?to=/:account/:zone/rules/redirect-rules

Examples here…

You can provide the domain and path if you want it tested externally.

1 Like

To achieve your goal of having a specific path accessible over HTTP while the rest of the site uses HTTPS, you can use Cloudflare Page Rules. Here’s a step-by-step guide:

  1. Log in to your Cloudflare dashboard.
  2. Go to the “Rules” tab and select “Page Rules”.
  3. Click “Create Page Rule”.
  4. Enter *somesite.com/special* in the “If the URL matches” field.
  5. Add a setting: select “Automatic HTTPS Rewrites” and set it to “Off”.
  6. Add another setting: select “Always Use HTTPS” and set it to “Off”.
  7. Save and deploy the rule.

This should allow you to access the /special path using HTTP while the rest of the site remains on HTTPS. However, please note that disabling HTTPS can create security vulnerabilities. Cloudflare’s WAF and other security features will still work for the traffic that goes through Cloudflare.

Thanks @louise2,
Unfortunately, at least in my portal, there is no way to add a setting “Always Use HTTPS” to OFF.
It works with step 5, but the option in step 6 does not offer an OFF/ON button…

At the moment I try the solution from @sjr , but I have issues there as well :frowning:

Dan

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.