Using Page Rules to Proxy Sub-subdomains Without SSL

So, I have a problem concerning Cloudflare’s lack of support for sub-subdomain SSL on the free plan, explained below:

However, I’d like to be able to cache (:orange:) the www versions of my subdomains. I was thinking I could use Page Rules to proxy the sub-subdomains but disable SSL for them, like this:

Or this:

Yet neither of those seem to do anything after I turn on the proxy for a sub-subdomain.

For reference, I have my SSL mode set to Full because all my sites/subdomains use Let’s Encrypt on the origin level.

Is HSTS activated? If so, is:

  1. Include subdomains set to On?
  2. Preload set to On?

If you can answer both questions with yes, this will be saved in you Clients browser and will ALWAYS try to redirect to HTTPS as far as I know. And this, for as long as Max-Age is set.

For me it looks like this:

1 Like

As long as you dont have a $10/month dedicated certificate you wont get that configuration to fly, as none of the requests will reach Cloudflare in the first place.

Once you have that certificate, everything will be the same. The page rule configuration is off though, as you should never change the SSL setting here.

1 Like

Yep to both, looks like I’m not gonna achieve what I’m looking for anyway.

Oh well. No big deal, not like anyone other than older people and bots are gonna try to hit www versions of subdomains. Redirects will have to do.

You mind explaining why it’s not recommended to change SSL settings with page rules?

Because the SSL setting should generally be “Full strict”, and “Full strict” only.

Particularly in your case changing that setting wouldnt even have achieved what you wanted, however.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.