Using CF Redirect Rule to point to third level domain.
So CF => https://www.ThirdLevelDomainDOTSecondLevelDomainDOTcom/wp-admin/
But when I enter the above URL
I am not getting the normal wp-admin UN and PWD prompt to get into Wordpress site and edit it.
I have tried Normalize to URL origin and set WAF Security Custom Rules to presumably allow that specific URL and issue a CAPTCHA managed challenge, but that does seem to produce UN & PWD prompt window. I do not have access to Managed Rules (not a PRO account)
Really appreciate CF community attempting to help solve this puzzle.
@sdayman I did do your Redirect Checker … an for some reason there seemed to a constant (over 19 redirects) … starts with like two '301 errors" and then 17 “302 errors”
Although the redirect tool result state specifically … I wonder if something with WordPress software installation at host that makes it auto bounce from /wp-admin.php to wp-login.php and back
Actually you use 19 Redirects. Ideally you should not use more than 3 Redirects in a redirect chain. More than 3 redirections will produce unnecessary load on your server and reduces speed, which ends up in bad user experience.
You use 301 and 302 redirect at the same time. This might be confusing for search engine. Generally, please do not use 301 and 302 redirects at the same time.
You use a 302 redirect. This means, that the actually content is temporary not reachable and will come back soon. To use a 302 redirection for generally moved pages is a bad idea.
I did test taking CF completely out of the network chain ie. Domain Registrar > to Host … and that did resolve ie. I was provided Word Press UN and PW prompts.
I have reengaged CF ie.: Domain Registrar > CF > to Host and @Laudian will try to toggle to full (strict) next …
for you old CloudFlares heads of which I am one… do try to work through the new updated CF platform … it is pretty impressive and I am very grateful that CF still provide small volunteer nonprofit and small frys of all flavors a FREE level … although it is smart to do not all ORGs do anymore. I would not have gone as deep with new CF if they had not.
While “your mileage will likely vary” … I am going to assume that I can safely layer in these additional CF protections https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress and there will be no additional Blockers. THX ALL!
… Hold on the CF … Redirect Rule … that auto redirects Users who type in the second level domain to be automatically redirected to third level domain (where the Word Press site is) ie. what we want in this USE CASE … no longer seems to be working. OK, still on this…
Update: It looks like solution that I posted above
is in fact still a solution. ie. both CF Redirect Rule is working as one would expect and able to add the additional protections shared in the TurboFuture article without breaking.
One helpful note: Although propagation of these CF Rules seem almost instantaneous nowadays (wowza) … I would still give it 15min and clear cache browser before testing. And, on that later point, please not just closing an incognito window and doing … CMD+SHIFT+N to quickly boot up another Chrome, Edge Incognito window to test or closing prior Incognito browsers Windows DOES NOT truly clear cookies/other … I found I actually had to follow the steps to Clear Cache that one normally does in regular browser Window in the Incognito Browser Window in order to truly clear/flush Browser “memory” and effect a clean/er CF Rules Test.
So if don’t hear back from me the above appears to be a DURABLE address. THX CF community and hope helpful for the community going forward. If any CF admin … wishes to update the subject heading for this thread to. “Redirect Rules. WP-Admin” or whatever CF admin team deems most helpful pls do. THX!