Skip to main content

Preventing redirect loops when using Cloudflare

While reviewing some of my domains, I noticed that two of them were throwing redirect errors, preventing visitors from accessing the sites.

Figuring out the issue

The first thing I did, was fire up Postman to get a clear look at the response headers. When accessing the sites using HTTP I received a redirect response to the HTTPS version. I was expecting this response because that's how I had it configured in Froxlor.

Weirdly enough, after being redirected to the HTTPS version, I still received redirect responses to the exact page I was currently visiting. After having another look at the headers, I noticed that some Cloudflare headers were present. That's when it clicked!

After a quick Google search, I found a helpful troubleshooting page from Cloudflare: Troubleshooting redirect loop errors.

Solution

After verifying that I was on the Flexible SSL/TLS routing setting, the solution was to simply deactivate the HTTPS redirect in my server management panel.

By using the Flexible routing option, Cloudflare only encrypts the traffic between the visitors' browser and Cloudflare. The connection from Cloudflare to my server is using HTTP. This led my server to respond with the HTTPS redirect, even though the visitor already accessed the site using HTTPS. Those HTTPS requests simply never reached my server due to the way I had Cloudflare set up.

Published on August 23, 2022
Last modified on August 23, 2022

Did you like what you read? Feel free to share! Make sure to follow me on Twitter to stay in the loop.

Previous Getting rid of JavaScript and giving back to the PHP community
Next Allowing guests to join Laravel Echo presence channels using Laravel 11