There seem to be many posts here about this problem but no conclusive solutions that I could find. The symptoms are that when I share a link to my website, some social media sites fail to create a page preview card (X-Twitter) or display a 301 error (Facebook). Interestingly, some sites have no problem generating card previews (Bsky). I have narrowed down this behaviour to SSL/TLS->Edge Certificates->Always Use HTTPS option. As soon as I disable this option, the preview cards are generated without problem. Also, with this option turned off, when I purposefully browse to the http version, I’m redirected to https anyway. I would like to understand 1) what that option actually does and 2) why it is causing card preview issues with some sites.
What steps have you taken to resolve the issue?
Turn off the SSL/TLS->Edge Certificates->Always Use HTTPS option.
What are the steps to reproduce the issue?
Turn on the SSL/TLS->Edge Certificates->Always Use HTTPS option.
May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
Might want to check Security Events as well if they caught some and blocked the request, which results in “no preview” or “error” when you test with X preview card, Telegram preview, Facebook Open Graph, etc.
Hi fritex,
Thanks for the response. My SSL/TSL are currently set to full. I had the same issue with full(strict) and flexible. I tried different combinations of settings before finally decided to post here, so I’m reasonably sure that changing the Always use HTTPS is the cause.
I shall set it back to ‘on’, as you advised, and see if any security events will be generated.
Thanks again for your suggestions.
PS
Do you know why when I browse to http my page gets redirected to https even with the setting in question disabled? I’m not complaining, of course, but just wondering if the setting is redundant which could shed some light on the issue (eg. limit on how many redirects are followed by a site or some other constraints).
If you’d share your website address, community members could run some tests and give you a more tailored advice, rather than speculations of what could be happening.
@GeorgeAppiah you’re right and I thought that I provided my website link when creating this post. It’s https://tommysoutdoors.com/ and the ‘Always use HTTPS’ is turned on so the preview cards failed to generate this morning.
@fritex I only see one security event from yesterday and judging by the date and path, it’s unrelated to the issue described here.
Thanks again for your input folks and any suggestions/informations would be greatly appreciated.
I’m giving this topic a gentle nudge in case anyone else has any ideas on how to address this issue. Also, is the setting in question for all intended purposes redundant since Cloudflare seems to be always redirecting to https anyway? Could that in itself be the source of this issue?
