Redirect Suddenly No Longer Working

Hello all,

I’m new here, and I’ve run into an issue I’m not sure how to solve. I connected my company’s Squarespace website, usafarmlabor.com, to Cloudflare last week to set up some URL redirection. For context, our website has two primary audiences: American employers and prospective farm workers from around the world. Most of the website, including the home page, is set up to provide information to American employers, but there is a page that I created to help workers from outside the U.S. connect with recruiters. Long story short, I want the home page to be the home page for American employers, and I want the Farm Jobs page to be the default landing page for visitors from outside the U.S. That way, prospective workers get what they are looking for without getting lost in information that doesn’t pertain to them and without filling out employer-specific forms, and our analytics get a little more precise.

To address this, I set up a single 301 redirect rule so that visitors from outside the U.S. would get redirected from the home page or the employer-specific contact us page to the Farm Jobs page. This is the expression preview:

(ip.geoip.country ne "US" and http.request.full_uri eq "*usafarmlabor.com/") or (ip.geoip.country ne "US" and http.request.full_uri eq "*usafarmlabor.com/employer-contact")

After proxying the appropriate DNS records and removing superfluous redirects to fix a redirect loop error, it started working (as tested by a co-worker with a VPN). However, this week, I came into the office and discovered notifications stating that visitors from outside the U.S. were once again filling out U.S. employer-specific forms, suggesting that the redirect was no longer working. I had my co-worker check it again with the VPN, and she confirmed that the redirect is no longer working.

I’ve done some digging, but I can’t seem to get the redirect working again. It would seem I’ve hit the limit of my admittedly limited understanding of this particular field. Any help you can provide would be very much appreciated!

I suspect that this never worked. You cannot use equals with a wildcard, it is an exact match. From the documentation:

Wildcards are not supported

Comparison operators, namely the eq operator, do not support wildcards (for example, * ) in strings. However, the matches operator supports regular expressions like .* , which matches zero or more occurrences of any character.

You will need to rewrite the expression into something like:

(http.host in {"www.example.com" "beta.example.com"} and ip.geoip.country ne "US" and not http.request.uri.path in {"/employer-contact" "/"})

Hey Michael!

Thanks for replying! I should have specified this earlier: The original expression did not include a wildcard. It simply included the normal URL. I changed it to include the wildcard after the redirect stopped working because I was wondering if the problem was the result of differences in whether or not the “www” was included or whether “http” or “https” was used.

I’ll fix that, but do you have any other ideas about what might be keeping this from working?

Thanks again!

1 Like

Can you share the original expression?

Probably best to read the documentation for each of the fields.

http.request.full_uri is the full URL as received by Cloudflare. It will always include the protocol (https:// ) and the full hostname. www.usafarmlabor.com is not the same as usafarmlabor.com. It also includes the full path up to and including query parameters.

Adding back in the protocol and hostname your expression might have looked like this:
http.request.full_uri eq "https://www.usafarmlabor.com/employer-contact"

This would not be matched with a request like https://www.usafarmlabor.com/employer-contact/

Ah, that makes sense! Certainly! I’d be happy to share the original:

(ip.geoip.country ne "US" and http.request.full_uri eq "https://www.usafarmlabor.com") or (ip.geoip.country ne "US" and http.request.full_uri eq "https://www.usafarmlabor.com/employer-contact")

Cloudflare generated the expression based on what I had in the “When incoming requests match…” and “Then…” fields.

 % curl --dump-header - https://www.usafarmlabor.com/employer-contact/ -o /dev/null --silent | egrep -i "^HTTP|Location"
HTTP/2 200 
% curl --dump-header - https://www.usafarmlabor.com/employer-contact -o /dev/null --silent | egrep -i "^HTTP|Location" 
HTTP/2 301 
location: https://www.usafarmlabor.com/farm-jobs

It does what you have configured, but probably not what you are actually trying to do!!

The first full_uri in your expression will never match, as there is an invisible trailing / in a request to the root that you have not included, and eq is an exact match.

Try something like this:

(http.host in {"usafarmlabor.com" "www.usafarmlabor.com"} and ip.geoip.country ne "US") and (http.request.uri.path eq "/") or (starts_with(http.request.uri.path, "/employer-contact"))

This will match two hostnames, and either the homepage, or any path that starts with /employer-contact, but only for users outside the USA.

I just made the change and had my co-worker try it! Looks like it’s working perfectly! Thank you so much for your help!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.