Why does Flexible SSL cause a redirect loop?

Cloudflare Flexible SSL can cause redirect loops depending on certain configurations in the origin server. 

With Flexible SSL, all traffic between the browser and Cloudflare is encrypted over HTTPS.

Cloudflare recommends Flexible SSL only when encrypted traffic cannot be supported at the origin web server because it lacks an SSL certificate.  By enabling Flexible SSL, you are telling Cloudflare to send all requests between Cloudflare and the origin web server over HTTP (not encrypted).

If the origin server happens to be configured to redirect HTTP requests to HTTPS, server responses back to Cloudflare are encrypted and since Cloudflare is expecting HTTP traffic, it keeps resending the same request, resulting in a redirect loop. This causes browsers to display "The page isn’t redirecting properly" or "ERR_TOO_MANY_REDIRECTS" errors.  

To resolve this issue, remove the HTTPS redirects in your origin server. You can do this for:

To ensure all requests between the browser and Cloudflare are encrypted, you can use an Always Use HTTPS page rule and that way avoid a redirect loop.

If you host a Wordpress site, read about potential issues with Flexible SSL.

Learn more about all the SSL options available through Cloudflare.

 

 

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk