What you are adressing is a problem that does exist for years: redirecting on the root domain to WWW and HTTPS takes 2 redirects instead of one.
I have wrote about this somewhen in the past: HSTS & PageRule Problem
Which wasn’t very popular but the rootproblem is the same, weather you do it with “Always use HTTPS” or HSTS, the first redirect will solely be HTTP
==> HTTPS
without the WWW
included.
If you turn off “Always use HTTPS” this will affect ALL subdomains aswell, so you want to keep it on.
What I would recommend is this PageRule:
http://example.com/*
Forward “
301
” to: (first try “302
” for testing!)
https://www.example.com/$1
Which should do the trick, but will interfere with HSTS, since HSTS will be bypassed, as it normally would redirect to https://example.com/
first… there ATM is no perfect solution to this scenario, specially if you think bigger than just having the main domain, but also subdomains.