Redirect errors

Click >> New Blogger Personality Quiz | Learn What Kind Of Blog You Should Start!
Notice: Clicking the link above redirects to another website called BodyBoard101? This is not our website!
Expected result: The above link SHOULD redirect to New Blogger Personality Quiz | Learn What Kind Of Blog You Should Start!

I cannot reproduce. If you use another network and another device does the issue persist?
image

1 Like

It’s an unusual “redirect”… it’s showing Bodyboard101’s website but the URL is staying the same.

Please watch >> Loom | Free Screen & Video Recording Software

Ah, I see they’re separate domains. Do you own the .co one? I see it was registered the same year.

If you do, can you check for Transfom Rules or Workers on that domain?

Yes, we own createandgo.com and createandgo.co.

The issue is, it’s showing BodyBoard101’s website for this particula URL.

It’s not even a redirect. It’s just loading the wrong site. Coincidentally, it looks like the same theme as the .com site.

What is you want to do? Do you want the .co to redirect to the same URL from the .com site?

If so, then try this Page Rule:
Match *createandgo.co/* and set a Forwarding URL (301) to https://createandgo.com/$2

The real question is: why on earth would this happen in the first place?

I’m on the CF free tier and have no more page rules allowed without upgrading. I upgraded so we could resolve this ASAP but that’s not ideal.

The reason is that at your webserver is causing the redirect. Here is a request bypassing Cloudflare:

> GET / HTTP/2
> Host: createandgo.co
> Accept: */*
> Accept-Encoding: deflate, gzip
> 
< HTTP/2 301 
< date: Fri, 20 Aug 2021 15:56:45 GMT
< content-type: text/html; charset=UTF-8
< location: https://bodyboard101.com/
< x-redirect-by: WordPress
< server: nginx centminmod
< x-powered-by: centminmod
< content-security-policy: block-all-mixed-content;
< x-xss-protection: 1; mode=block
< x-content-type-options: nosniff

I see that WordPress is sending the header < x-redirect-by: WordPress, so we can assume that this configuration is on your WordPress instance.

If this redirect is not correct, and you do not have enough Page Rules, I suggest reaching out to your WordPress instance administrator/developer for assistance removing this redirect.

Good Luck!

1 Like

Thanks for the quick reply, but I don’t think this is the case. The .co domain is not a live site, there is no WP installation, nor is there an .htaccess file to set up redirect rules.

Hi Lauren,

I can confidently say that the redirect is happening on your webserver, you can check this by clicking on the orange-cloud in your DNS dashboard, and changing it to a grey-cloud.

If after changing to a grey-cloud, the redirect still happens, then you have confirmation that the issue on your website. Cloudflare does not send the header x-redirect-by: WordPress.

I can prove this by issuing a request to the IP address of your server:

❯ curl -i https://xxx.xxx.xxx.xxx -k
HTTP/2 301 
date: Fri, 20 Aug 2021 16:34:56 GMT
content-type: text/html; charset=UTF-8
location: https://bodyboard101.com/
x-redirect-by: WordPress
server: nginx centminmod
x-powered-by: centminmod
content-security-policy: block-all-mixed-content;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

Try the command above, and replace xxx.xxx.xxx.xxx with your server’s IP from your DNS dashboard.

For transparency, do I have your permission to share your server’s IP on this thread?

That’s quite a bit of weird. Neither Walshy nor I could reproduce that 301 redirect to bodyboard101. We both got a 404 from the server at the createandgo URL. I tried it in a browser as well and got a 404 at the createandgo URL, but showing the bodyboard site.

But it looks like the issue has been resolved, as the .co is now redirected to the .com

The path returns a 404, the root returns a 301

❯ curl -i https://???.???.???.???/blog-niche-quiz/ -Ik
HTTP/2 404 
date: Fri, 20 Aug 2021 17:48:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bodyboard101.com/wp-json/>; rel="https://api.w.org/"
server: nginx centminmod
x-powered-by: centminmod
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
1 Like

Well…that’s no less weird than before. I don’t know why WordPress would redirect root, but not posts/pages. But I can certainly see why a site that’s earlier in the alphabet would be delivered for a non-existent site later in the alphabet. Unless your initial test was to the IP address, and not the non-existent hostname.

Maybe I’m missing what you mean by

But I’ll walk you through my troubleshooting.

I do not know the state of the site prior to my first post’s tests, I also ignored any Cloudflare configuration and tried to answer the question: Where is the 301 happening?

Which application and why is somewhat irrelevant to answering that question, so I did a few tests:

  1. cURL to the root, then to the path
  2. cURL to the IP
  3. Simulated a visitor’s request from the Datacenter to the Origin for both the above tests (prior to any page rule modifications)

The results are what I mentioned earlier. Now, we can try to troubleshoot which application and why.

I can only guess here, since all the tests I’ve done are without looking up their Cloudflare configuration, but I believe this user is directing their traffic to the webserver IP for bodyboard101.com, probably with an A record. My only proof of this is looking at the HTTP headers for this domain:

❯ curl https://bodyboard101.com -I
HTTP/2 200 
date: Fri, 20 Aug 2021 18:54:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Aug 2021 10:30:24 GMT
x-powered-by: centminmod
content-security-policy: block-all-mixed-content;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JZSqTXk1ztRMs6iCXq7eSs1GzBylcNNu6CAv%2BuX%2BfhQ3ViXAG6%2BYqI0LqbrysYHuilcTUYMv16CU588jZdIeoMa7qAcGXwuWXMJ1mYz3tqN53PzvUaAYvQGF9guys5YArvS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 681dd3f43966281b-DFW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

We could keep testing with cURL flags --connect-to, resolve, and modifying host headers, but to me the similarities make it obvious, particularly the quantity and order of the headers (if you exclude the Cloudflare headers), and there are others.

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.