www.johnbranick.com redirected you too many times.
can’t get www to resolve
Tried A record with ip, CNAME with domain name, changing ssl to full encryption, tried proxy on and offf. I am just stumped. What am I missing?
I don’t know
Use “Full (strict)” (although “Full” should have stopped it, but is not secure).
The redirects are coming from your origin usually due to using “Flexible” if this doesn’t happen before using Cloudflare…
https://cf.sjr.dev/tools/check?7dcb0a3ab2104913995f65471238866e#connection-server-https
Thanks so much. I did change it to full strict and still getting redirect errors
It seems you have now disabled the proxy for www so requests are going direct to your origin. Your origin doesn’t have an SSL certificate covering www and is also doing the redirect to itself, so the problems are there, not in your Cloudflare setup…
https://cf.sjr.dev/tools/check?120d6959820a47fd8be0ebfb52fe1a8d#dns
curl -ivv https://www.johnbranick.com --insecure
* Trying 52.6.79.36:443...
* Connected to www.johnbranick.com (52.6.79.36) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
* subject: CN=johnbranick.com
* start date: Mar 27 00:00:00 2025 GMT
* expire date: Mar 27 23:59:59 2026 GMT
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* using HTTP/1.1
> GET / HTTP/1.1
> Host: www.johnbranick.com
> User-Agent: curl/8.0.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
< Date: Sat, 29 Mar 2025 14:47:45 GMT
Date: Sat, 29 Mar 2025 14:47:45 GMT
< Server: Apache
Server: Apache
< Location: https://www.johnbranick.com/
Location: https://www.johnbranick.com/
< Content-Length: 236
Content-Length: 236
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://www.johnbranick.com/">here</a>.</p>
</body></html>
* Connection #0 to host www.johnbranick.com left intact
Yes I am literally trying every different permutation of fixes I can and nothing works. I have since reenabled proxy.
The problem is on the origin server so leave the proxy off until it is fixed. Debugging behind the proxy makes things more difficult.
So you are saying that I need to let my website host know the problem is on their end? Thanks so much for all of your help!
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.