Redirect loop when trying to use Cloudflare with Heroku

I’m struggling to get Cloudflare-hosted domains to work with Heroku-hosted websites.

I have a domain ( I’ve added a CNAME record pointing to the Heroku DNS target (the URL). The CNAME has Cloudflare proxying enabled, and SSL/TLS is set to “Flexible”. However, whenever I make requests to, it just gets stuck in 301 redirect loops trying to redirect to the HTTPS version.

The guide I followed was this one:

What step am I missing, or doing incorrect?

This one is the problem.

Switch to Full (Strict).


The guide I linked to specifies to use “Flexible” though. What’s the difference between the two?

Awful. :facepalm:

Well, it says:

Considering the stuff below, you do now know what it means, and … the advice about Flexible will therefore fall apart.

Flexible isn’t secure.

It connects from Cloudflare to the origin (e.g. Heroku) via insecure HTTP, leaving your users with the deception that your site is secure, when it really isn’t.

Visitor ← SECURE → Cloudflare ↔ INSECURE ↔ Heroku.


Apologies for selecting “Flexible” because I thought I wanted to serve my site over HTTPS to all public visitors. That was a silly assumption of mine to make, wasn’t it? :roll_eyes:

Can we assume that you’re able to read “to public visitors”?

There is more than just “to public visitors”, when dealing with reverse proxies like e.g. Cloudflare.

@sandro made a good write up about that over here:

That said, thanks for the downvote, … that one is very appreciated.

1 Like

Yes. And I assumed members of the public trying to visit my site would be “public visitors”.

Drop the attitude and rudeness. You didn’t have to help me. If I knew any better than I wouldn’t have made the mistake, would I? But there’s no need to be an ■■■ about it, like you have been.

I am simply sharing the solution to your problem, and explaining why it happens, that’s all.

Where exactly do you see (or understand) that I am having an attitude, or being rude?


D’oh! I actually had my suspicious about that specific one:

That was meant solely towards the guide you were referring to, and not at all towards you.

I should have been more clear about that specific part, which I apologize for.

That one was a response towards your downvote and attitude here:

Again, I apologize for not making it clear enough that it was the guide I declared as awful, and facepalmed about (and NOT actually about you in any way)!


Ah, OK. Sorry for misinterpreting as directed at me. My bad.

No problem!

Glad we sorted it out.

I definitely bear responsibility as well, as I could have have added guide, so it said “Awful guide”. In hindsight, I suppose alone that extra would have done a lot!

Thanks for also being there to solve our strife. :slight_smile:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.