When Always Use HTTPS is disabled yet still works ?!

I have Always Use HTTPS feature switched OFF (be default it is so) under SSL/TLS - Edge Certificates configuration, yet http://mysite.com or http://www.mysite.com is still being redirected to https:// and presents Cloudflare certificate. There are no page rules configured for this - there are no page rules at all.

Not that I mind but just trying to understand what is broken here.

It could be your browser just trying to enforce HTTPS on every website you visit.

What’s your domain?

well I tried outside of a browser also and get HTTP request sent, awaiting response… 301 Moved Permanently Location: https://www.biotalent.ca/ [following]

wget biotalent.ca
–2021-05-28 12:29:15-- http://biotalent.ca/
Resolving biotalent.ca (biotalent.ca)… 104.22.77.216, 172.67.25.195, 104.22.76.216, …
Connecting to biotalent.ca (biotalent.ca)|104.22.77.216|:80… connected.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://www.biotalent.ca/ [following]
–2021-05-28 12:29:15-- https://www.biotalent.ca/
Resolving www.biotalent.ca (www.biotalent.ca)… 172.67.25.195, 104.22.77.216, 104.22.76.216, …
Connecting to www.biotalent.ca (www.biotalent.ca)|172.67.25.195|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’

I guess it could be the site engine doing the redirect from http to https

Yes this redirect is getting done on your applications/servers side:
image

2 Likes

Your server is doing the redirection.

If Cloudflare is redirecting, there won’t be response body included like nginx does.

4 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.