Plesk ServerShield by Cloudflare & wordpress multisite

I’m struggling to get the traffic through Cloudflare.

My setup is as follow:
-dns host and manage at www and A record pointing to Plesk Server
-Plesk server (host at OVH)
-ServerShield by Cloudflare extension activated on Plesk.
-wordpress multisite installed with nginx.

In order to route traffic through Cloudflare, it’s mandatory to have as main website link
https:// WWW.mydomain .com and not https:// mydomain .com

I did setup this in wp_option table (site url and homepage)
I did try to change some info in htaccess file or in "Additional nginx directives "

can’t get this redirection with “www” added inside the url.

When if I force preferred domain as ‘www’ on plesk “hosting settings” tab then I have as result a
“Too many redirect loop” displayed in my browser.

I have no idea where to look in order to fix this pingpong redirection…and force wordpress multisite to get this www as main adress.

Thanks in advance for your help !

No, the naked domain will also work. Cloudflare really just proxies whatever it receives.

That is typically an HTTPS issue. Do you have a proper certificate setup on your server and set Cloudflare to “Full strict”?

Hi Sandro,
thank you for your quick reply and sorry for my late answer.
Actually I’m having some difficulties to setup Wordpress multisite inside my plesk to force the www in front of https://
I did update the wp_option table for the site_url and homepage.
and my loop issue start when I ask plesk to force www. from the “host setting” link

As well I’m using nginx and not apache. so my htaccess file is useless. because it would also be possible to force www inside that file.
Still on Plesk there is an extra nginx direction where I can force that. but also didn’t work like I wanted.

# nginx configuration location / {
if ($http_host ~* "^"){
rewrite ^(.*)$$1 redirect; } }

I’m kind of lost and don’t know where to look.

no answer here…
is actually this possible?

Kind regards,

You didnt address my HTTPS question. If you want to force a redirect to the “www” host, or the naked domain instead, you actually dont necessarily need to do this on your side, but can easily implement this with page rules.

hi Sandro,
So you mean I don’t necessary need to go inside my plesk and Force the www. from the “preferred domain” checkbox?

Where do you implement these page rules?
inside htaccess? or nginx directive? or inside wordpress?

Thank you

Page rules are set up on Cloudflare.

You ignored my question for the second time over the period of nine days.

Hi Sandro,
yes I have let’s encrypt certificate active and did check “full strict” in Cloudflare.

Ok, I see the page rules from Cloudflare. what do you advise me to write in there?
something like that?

I’d go with

This seems to work better. with $1 ! :slight_smile:
Now It seems I’m getting a SSL Error(Site Can’t provide a secure connection)"
which you already answered here:

Now, I just did is : Generate a free TLS certificate signed by Cloudflare to install on my origin server.
I activated it on my server. still my server is asking me for “CA certificate part”. is this mandatory?

This Cloudflare certificate seems to be an alternative to let’sEncrypt or Symantec free ssl from my plesk

Also I checked the SSL Status api and I have the following message:
{“success”:false,“errors”:[{“code”:9106,“message”:“Missing X-Auth-Email header”},{“code”:9107,“message”:“Missing X-Auth-Key header”}],

Is this can explain why the SSL doesn’t want to work?

I have to admit, I’m totally lost in between these SSL, TLS available or on Cloudflare or on plesk. and don’t know which to activate or how to set it up correctly.

Sandro, I really appreciate your help and your reactivity.
looking forward for your next message and hope to solve this thread very soon.
Thank you

The primary problem at this point is that your is not on Cloudflare.

I fixed the missing Ca cert. by following this tutorial: Center/installer-certificat-ssl-Cloudflare-origin-plesk-onyx/

I’m no having a 526 issue:

I think I’m getting close

I think I found my issue…!!

In order to solve my redirect loop issue I had to uncheck the box:
“permanent SEO-safe 301 redirect from http to https” in my plesk “hosting settings”

Oh my god…!
Now I’m in ssl “full” (not full strict) in SSL/TLS app from Cloudflare.
In Plesk, i’m using the SSL certificate from Cloudflare. (following tutorial from my previous message.)
ps: if I activate “full strict” my website get. error 526 again. Invalid ssl certificate.

I can only refer to Plesk ServerShield by Cloudflare & wordpress multisite - #10 by sandro

Hi Sandro,
I really appreciated your very fast feedback and answers.
Now I can see from Cloudflare analytics tab that my traffic is going through Cloudflare and with ssl.
This was my main goal of the today and it’s achieved.
I don’t think staying in “FULL” in place of “FULL strict” will be a problem.
I’m glad that Cloudflare is shielding my websites now.

Thank you !

This topic was automatically closed after 31 days. New replies are no longer allowed.