My HTTP visitors are 302-redirected to HTTPS

Hi,

I’ve got a Pro Plan at CloudFlare, with the SSL/TLS encryption in “Full” mode, and I want visitors from http://whatever be 301-redirected to https://whatever.

In the ‘Edge Certificates’ tab of the ‘SSL/TLS’ section, I’ve got the option “Always Use HTTPS” in “Off”, and the option “Automatic HTTPS Rewrites” in “Off”. There is no Page Rule neither to establish Always Use HTTPS nor to redirect from http://whatever to https://whatever.

I was sure that these redirections from HTTP to HTTPS were managed by my origin Apache server, since I inserted the following three lines in the ‘.htaccess’:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [L,R=301]


However, if I analyze the HTTP headers of ‘http://mydomain.com/foo’ (e.g. by using curl -I http://mydomain.com/foo), I see the following information:

HTTP/1.1 302 Found
Date: Sat, 22 Feb 2020 04:27:19 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Location: https://mydomain.com/foo
CF-Cache-Status: DYNAMIC
Server: cloudflare


Why are visitors 302-redirected from ‘http://whatever’ to ‘https://whatever’? Am I doing something wrong in the CF-side or in the Apache-side?

Thank you very much.

PS: Sorry for the bold text. I’m not able to remove it :-/

You should have that on instead.

1 Like

Thank you @sandro , I changed it and it seems to work fine.

Anyway, I emailed the CF support to ask them about how to configure the SSL options after suffering some issues. After two days, the answered me with a bunch of links and no personalized solution.

I wondered why they are not able to give the same support through the email as in the Community forum.

They are not the same people :slight_smile:

1 Like

Yep, I know it. That’s precisely why I’m wondering why they’re not able to do the same :slight_smile:

This topic was automatically closed after 30 days. New replies are no longer allowed.