HTTPS page rule required for Flexible SSL?

I have a Wordpress using Cloudflare Flexible SSL.

In Wordpress I have the following plugins installed and activated:

  1. W3 Total Cache plugin, with Cloudflare configured
  2. Cloudflare Flexible SSL plugin
  3. Cloudflare plugin

My Cloudflare SSL/TLS app settings are:
SSL = Flexible
Always use HTTPS = ON
HTTP Strict Transport Security (HSTS) = Not Enabled
Automatic HTTPS Rewrites = ON

I have three page page rules configured:

  1. = Always use HTTPS
  2. = several settings
  3. * = same settings as Rule 2

Everything works great!

I have two questions about the page rules:

  1. Do I even need Rule 1 with the SSL/TLS settings that I have?
  2. If Rule 1 is necessary, should it be first or last in the rule set?

The “Always use HTTPS” option that you found under Crypto is effectively just a page rule that we made into a setting. So if you have it turned on, you can free up that page rule for something else (if you need it).

Thanks Ryan. that’s what I needed to know.

1 Like