Same DNS configuration in 2 domains don't work the same way - APEX redirect error

This configuration is not allowing me to have apex requests redirected to www.

SSL/TLS encryption mode set to Full, hosted on Google Sites.

Any tips?

By the way, thhis configuration works, and it properly redirects the apex domain to www (as well as any http to https):

SSL/TLS encryption mode set to Full, hosted on Google Sites, like the first one.

I didn’t create any redirect/page rules. It simply works.

The redirect is coming from Google. If it doesn’t work for the other domain, you can either fix that on Google or by creating a redirect rule on Cloudflare.

Here’s the thing… Google Sites doesn’t have any settings for that. It’s not a behavior that can be changed there. So, if the redirect is from Google, it should work for both. If it’s not, it shouldn’t work for any.
There’s no way to fix that on Google.
This is the site: https://www.pplupo.com (or https://pplupo.com). None are working at the moment.

This command is bypassing Cloudflare to get the response directly from Google (I just removed some of the unimportant parts):

 curl -svo /dev/null https://pplupo.com --connect-to ::142.250.74.115
* Connecting to hostname: 142.250.74.115
*   Trying 142.250.74.115:443...
* Connected to (nil) (142.250.74.115) port 443 (#0)
...
* error:0A000126:SSL routines::unexpected eof while reading
* Closing connection 0
curl -svo /dev/null https://se-er.com --connect-to ::142.250.74.115
* Connecting to hostname: 142.250.74.115
*   Trying 142.250.74.115:443...
* Connected to (nil) (142.250.74.115) port 443 (#0)
...
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=se-er.com
...
< location: http://www.se-er.com
...

So the redirect is definitely coming from Google.

It would be the easiest to just create a Redirect Rule in Cloudflare to redirect from Apex to www.

1 Like

Thank you!!!
I removed the apex DNS entry, leaving just the www one.

I’ve created this rule:


but I’m getting an SSL error (http 525) at www.pplupo.com
And APEX is not redirecting. It just gives me another error.

Firefox says
" Error 1016

Ray ID: 84f803dcb08536d5 • 2024-02-03 04:43:48 UTC

Origin DNS error

What happened?

You’ve requested a page on a website (pplupo.com) that is on the Cloudflare network. Cloudflare is currently unable to resolve your requested domain (pplupo.com)."

You do need a DNS entry at the apex for the redirect to work. Use A 192.0.2.1 or AAAA 100:: as dummy value as you are just redirecting, make sure it is proxied.

Your “incoming requests match” should be just one item set to hostname equals pplupo.com.

1 Like

Thank you!

The SSL handshake is still failing at www.pplupo.com. :frowning:

Make sure the SSL certificate on your origin is in place and valid. If your origin SSL certificate is just for pplupo.com, you would need to redirect www.pplupo.compplupo.com instead (change the redirect and DNS records to reverse the redirect).

1 Like

It’s Google Sites. I don’t have any management over that. However, it works fine with www.se-er.com and www.cerdeiral.com and these don’t even need a redirect rule for apex to redirect to www. All I had to do was to add a CNAME from @ to www… and it worked.

So, I don’t really know how to fix this.

It would probably be for the best if you removed the domain from Google and then followed all the steps to add it again.

On Cloudflare, add both DNS record back as you had them before and keep them on DNS-only until it works, then you can enable proxy again.

1 Like

Thanks! I’ll try that!

Laudian, that seems to have made the trick. Thank you. Thinking back, I believe I didn’t turn on the proxy at first on the ones that worked, but then I turned them on and since it didn’t break, I decided to turn them on from the start on this one. I think this is what caused the problem.

SRJ, thank you for your help as well.

Best regards!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.