HTTPS redirect except one domain

david.sabate · May 29, 2023, 1:24pm

Dear all,
I’ve got a website https://tothomweb.com with several subdomains all working with HTTPS. However, there’s one specific subdomain (leading to an external service: http://calendar.tothomweb.com) which MUST not use HTTPS.

When I initially browse http://calendar.tothomweb.com (in an incognito window, for example) it does work but as long as I visit https://tothomweb.com, the redirection is stored and I can no longer enter the http version of calendar.tothomweb.com (thus, leading to an error)

I’ve tryied disabling “Always Use HTTPS” and configure it only for “http://tothomweb.com” using a “Page redirect” rule but it is not working

Thanks for your help

epic.network · May 29, 2023, 3:03pm

Welcome to the Cloudflare Community.

You have enabled an HSTS header that includes subdomains. That will prevent HTTP access.

I would consider devising a means of enabling HTTPS for that hostname. If there is no way to implement HTTPS on that hostname, you will need to adjust your HSTS header settings. These headers can be added by your origin server or Cloudflare. Here is the Cloudflare documentation.

system · June 13, 2023, 3:04pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.