Htaccess, Always use HTTPS or Automatic HTTPS Rewrites for better 301

dtheme · 2017-09-16 05:24:04 UTC

I switched to HTTPS with flexible SSL from cloudflare working for 10 days.

I put a 301 redirect in my htaccess.

However, I am occasionally getting redirect errors (loos). I can’t find where this is happening as it seems random.

My host is not always the best and I remember years ago having a very long list of htaccess rewrites for individual urls. I wonder if this is happening again.

Will turning “Always use HTTPS” on in Cloudflare help? Or “Automatic HTTPS Rewrites”?

Thanks

sdayman · 2017-09-16 13:22:59 UTC

I prefer “Always Use HTTPS” as it’s probably more efficient. And the “Automatic HTTPS Rewrites” as well.

GulshanKumar · 2017-09-17 09:05:23 UTC

Good question, I say keep forcing HTTPS rule at both. At CF for faster redirection, and at .htaccess for fall back.

The .htaccess shouldn’t be very long as you are saying. It should be simple as below for forcing all HTTP requests to HTTPS.

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

dtheme · 2017-09-17 10:26:37 UTC

It’s good to know CF does a redirect faster. If it takes care of it from DNS entery then indeed it solves the server issue and Htaccess.

I’m not wholly understanding what " do as opposed to “Always Use HTTPS”

Is “Automatic HTTPS Rewrites” the part that overrides the local Htaccess part about 301s?

dtheme · 2017-09-17 10:26:58 UTC

Is “Automatic HTTPS Rewrites” the part that overrides the local Htaccess part about 301s?

sdayman · 2017-09-17 13:30:47 UTC

Automatic HTTPS Rewrites is for links in your pages. If Cloudflare knows the link domain supports HTTPS, then it will make it an HTTPS link.

But for the errors you’re seeing, just turn on “Always Use HTTPS”

dtheme · 2017-09-17 13:45:33 UTC

Thanks. I understand the difference now.

Since turning on “Always Use HTTPS” the problem went away.

mailto.danielracine · 2017-11-04 14:51:52 UTC

I force HTTPS at both CF and .htaccess but sometimes I get a “This Connection is Not Private” error in the browser when accessing the site both from HTTP or HTTPS directly. This “Privacy” error is really scary for users. It looks like HTTPS can not be set by CF for some reason and when the .htaccess fallback kick in I get the error. Is my hypothesis right here? Anyone experienced the same issue? Does removing the .htaccess rewrite rule will fix this behavior you think?