I’m struggling to get Cloudflare-hosted domains to work with Heroku-hosted websites.
I have a domain (beta.newerawrestling.co.uk). I’ve added a CNAME record pointing to the Heroku DNS target (the XXX.herokudns.com URL). The CNAME has Cloudflare proxying enabled, and SSL/TLS is set to “Flexible”. However, whenever I make requests to https://beta.newerawrestling.co.uk, it just gets stuck in 301 redirect loops trying to redirect to the HTTPS version.
The guide I followed was this one: https://developers.cloudflare.com/support/third-party-software/others/configure-cloudflare-and-heroku-over-https/
Considering the stuff below, you do now know what it means, and … the advice about Flexible will therefore fall apart.
Flexible isn’t secure.
It connects from Cloudflare to the origin (e.g. Heroku) via insecure HTTP, leaving your users with the deception that your site is secure, when it really isn’t.
Apologies for selecting “Flexible” because I thought I wanted to serve my site over HTTPS to all public visitors. That was a silly assumption of mine to make, wasn’t it?
Yes. And I assumed members of the public trying to visit my site would be “public visitors”.
Drop the attitude and rudeness. You didn’t have to help me. If I knew any better than I wouldn’t have made the mistake, would I? But there’s no need to be an ■■■ about it, like you have been.
D’oh! I actually had my suspicious about that specific one:
That was meant solely towards the guide you were referring to, and not at all towards you.
I should have been more clear about that specific part, which I apologize for.
That one was a response towards your downvote and attitude here:
Again, I apologize for not making it clear enough that it was the guide I declared as awful, and facepalmed about (and NOT actually about you in any way)!
I definitely bear responsibility as well, as I could have have added guide, so it said “Awful guide”. In hindsight, I suppose alone that extra would have done a lot!
