Redirecting visitors to HTTPS

Learn how to forward visitor traffic from HTTP to HTTPS for either your entire domain or for a portion of your traffic.


Overview

There are two methods of redirecting visitors to a secure HTTPS connection:

  • (Recommended) Enable the Always Use HTTPS feature in the Cloudflare Crypto app.

    Global setting that redirects all HTTP traffic for your domain to HTTPS.
  • Create a Page Rule in the Cloudflare Page Rules app.

    Allows specific redirects by hostname or URL.
Redirects at your origin web server are not recommended when proxying traffic through Cloudflare because they can cause redirect loop errors and are slower than redirects performed through Cloudflare.

Refer to our Page Rules tutorial to understand URL matches and to review Page Rule features. Redirects via Page Rules are accomplished for specific URL patterns via the Forwarding URL setting.

The Forwarding URL can redirect to either another subdomain, directory or URL in addition to forcing HTTPS. For example, a URL match of

  http://example.com/*

redirected to

  https://www.example.com/$1

redirects requests for the example.com root domain to the www.example.com subdomain while preserving the directory path of the URL.

Redirecting HTTPS does not solve issues with mixed content. Cloudflare automatically resolves many mixed content issues via our Automatic HTTPS Rewrites feature if enabled in the Crypto app. Alternatively, use only relative links or HTTPS links on HTML resources redirected to HTTPS.
The Always Use HTTPS option only appears if your zone has an active SSL certificate associated with it on Cloudflare.
Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Powered by Zendesk