Mobile app version of vmapp.org
Login or Join
Jennifer507

: Completely cached by Cloudflare Wordpress redirect to HTTPS I have a WordPress (WP) install that is located on a shared hosting package that uses Apache in the root of the domain (not a subfolder

@Jennifer507

Posted in: #Cache #Cloudflare #Https #Wordpress

I have a WordPress (WP) install that is located on a shared hosting package that uses Apache in the root of the domain (not a subfolder or subdomain) with no SSL certificate (not even self-signed).

I've put that domain behind Cloudflare (CF) and enabled the flexible SSL option and complete caching through the page rules section. In order to be able to use the admin panel of WP I need to have 2 rules that disable the cache (*example.com/wp-login* and *example.com/wp-admin*) before the one that caches everything (*example.com/*).

This works great but reaches the limit of 3 rules per free website and I can't use the rule that forces the HTTPS redirection. This way when I open in the browser example.com/ it loads right away (returns status 200) instead of doing a 301 redirect to example.com/ which is the result I'm trying to achieve (if I load directly example.com everything works as intended).

I've tried numerous solutions from around the internet but none of them works as intended. Actually most of them work but only while the site is in development mode and there is no caching. Once I turn off the development mode the rules in the .htaccess file redirect the user to the https version but after that they try another redirect to that version again and the site simply stops working.

This being a shared hosting I can't take a look at the raw Apache logs so I can only check the return code with curl -I example.com and curl -I example.com
The working without cache solutions I've tried so far are fairly similar to this one:

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ example.com/ [R,L]


I've also tried the recommended by CF rewrites (according to a blog post on another domain, though I can't seem to find them on the link given to the CF site from that post):

RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ example.com/ [L]


and

RewriteCond %{HTTP:CF-Visitor} !'"scheme":"http"'
RewriteRule ^(.*)$ example.com/ [L]


but the result is always the same as described above - it works fine until development mode is enabled and when the cache kicks in it keeps redirecting to https even after it goes to https.

Some more info about the WP setup:


it has this line in wp-config.php - $_SERVER['HTTPS'] = 'on';
I've installed the official CF plugin
I've also tried using the "CloudFlare Flexible SSL" and "WP Force SSL" plugins but they didn't seem to work (or at least do what I need) so I've disabled them


Right now I'm interested mostly in an answer that works for Apache but I'm also using nginx on other hosts and wouldn't mind knowing how to fix the same problem there as well (assuming it actually exists because I still haven't had the need to use this specific setup on it).

Sorry, if this post is a dupe, but I couldn't find a similar question anywhere. Also I'm not really sure whether the question should go here or to stackoverflow or wordpress.stackexchange.com or maybe even serverfault...

//EDIT:

Just to clarify - the problem appears only when the "Cache Everything" option is selected in CF's page rules. Without that option the .htaccess redirects are working flawlessly.

10.01% popularity Vote Up Vote Down


Login to follow query

More posts by @Jennifer507

1 Comments

Sorted by latest first Latest Oldest Best

 

@Kaufman445

in order to get Flexible SSL to work with CloudFlare:


Install the CloudFlare Flexible SSL plugin: wordpress.org/plugins/cloudflare-flexible-ssl/ Install the official CloudFlare plugin: wordpress.org/plugins/cloudflare/

Then clear your CloudFlare cache. Check your site works without enforcing the HTTP->HTTPS redirect.

If this does work, you should then be able to set-up a redirect in your .htaccess file as follows:

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ %{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]


Please see: How do I fix the infinite redirect loop error after enabling Flexible SSL with WordPress?

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme