Daniel May

Reputation: 2262

Heroku custom domains on Cloudflare: Too many redirects

Objectives


What I did

Cloudflare:

Heroku:

heroku domains:add rapid.essbap.org

=== ebcc-rrn Heroku Domain
ebcc-rrn.herokuapp.com

=== ebcc-rrn Custom Domains
Domain Name       DNS Target
----------------  ----------------------
rapid.essbap.org  ebcc-rrn.herokuapp.com 

$ host rapid.essbap.org 
rapid.essbap.org has address 104.27.162.137 
rapid.essbap.org has address 104.27.163.137

Cloudflare settings


JUST ADDED:

Running curl

When I run curl against another Heroku custom domain app that I know works, it looks like:

$ curl -I some.custom_app.com
HTTP/1.1 301 Moved Permanently
Location: https://some.custom_app.com/

# since I'm using force_ssl on Rails, we expect to be directed to https://

$ curl -I https://some.custom_app.com/
HTTP/1.1 200 OK

Similar behaviour for ebcc-rrn.herokuapp.com (the Herokuapp we want rapid.essbap.org to be an alias for). A 301 then 200.

But when I run curl against rapid.essbap.org, I get:

$ curl -I rapid.essbap.org
HTTP/1.1 301 Moved Permanently
Location: https://rapid.essbap.org/

# since I'm using force_ssl on Rails, we expect to be directed to https://

$ curl -I https://rapid.essbap.org
HTTP/1.1 301 Moved Permanently
Location: https://rapid.essbap.org/

We get a 301 instead of a 200 in the second case. Am not sure why the 301 is being generated. Does not happen in dev or with ebcc-rrn.herokuapp.com.

What am I missing?

Upvotes: 21

Views: 5936

Answers (5)

Gonzalo

Reputation: 417

Using Crypto -> "Always use HTTPS": ON directly on CloudFlare did the trick.

SSL is not enforced by rails but by this option.

Not sure if there are any drawbacks with this approach.


Upvotes: 2

chrisby

Reputation: 884

In my case, setting Crypto -> SSL from Flexible to Full did the trick.

Upvotes: 29

stephen.hanson

Reputation: 9604

I experienced the same issue on a site recently, also using Heroku and Cloudflare and SSL.

In our case, the solution was that we had to set the SSL option in Cloudflare under Crypto > SSL to Flexible. We had it on Full, which was causing the site to try to use CloudFlare's SSL certificate. It didn't work with the SSL option set to Off.

Upvotes: 6

Daniel May

Reputation: 2262

Unfortunately, no conclusive solution (but big thanks to Heroku for technical help).

Managed to resolve issue by rolling back and trying again:

  • Transferring DNS back to Godaddy
  • Wiping domain from Cloudflare
  • Ensuring functionality with Godaddy
  • Create domain on Cloudflare
  • Transfer to Cloudflare again

Now all working as planned.

Upvotes: 3

damoncloudflare

Reputation: 2087

If I curl that url over https://rapid.essbap.org/, it looks like you have it redirecting back to https://rapid.essbap.org/

curl -v https://rapid.essbap.org
* Rebuilt URL to: https://rapid.essbap.org/
* Hostname was NOT found in DNS cache
* Trying 2400:cb00:2048:1::681b:a389...
* Connected to rapid.essbap.org (2400:cb00:2048:1::681b:a389) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
* Server certificate: sni95196.cloudflaressl.com
* Server certificate: COMODO ECC Domain Validation Secure Server CA 2
* Server certificate: COMODO ECC Certification Authority
* Server certificate: AddTrust External CA Root

GET / HTTP/1.1
User-Agent: curl/7.37.1
Host: rapid.essbap.org
Accept: */*

< HTTP/1.1 301 Moved Permanently
* Server cloudflare-nginx is not blacklisted
< Server: cloudflare-nginx
< Date: Thu, 30 Jul 2015 23:37:57 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=ddc8d6151d53a0e3d3eab0789f0b811851438299465; expires=Fri, 29-Jul-16 23:37:45 GMT; path=/; domain=.essbap.org; HttpOnly
< Location: https://rapid.essbap.org/
< Via: 1.1 vegur
< CF-RAY: 20e4e4ab2489281c-SJC

http://rapid.essbap.org/
* Hostname was NOT found in DNS cache
* Trying 2400:cb00:2048:1::681b:a389...
* Connected to rapid.essbap.org (::1) port 80 (#0)

GET / HTTP/1.1
User-Agent: curl/7.37.1
Host: rapid.essbap.org
Accept: */*

< HTTP/1.1 301 Moved Permanently
< Date: Thu, 30 Jul 2015 23:40:57 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=d5b6d3a1c46df56fcd623454bba7c9d121438299657; expires=Fri, 29-Jul-16 23:40:57 GMT; path=/; domain=.essbap.org; HttpOnly
< Location: https://rapid.essbap.org/
< Via: 1.1 vegur
* Server cloudflare-nginx is not blacklisted
< Server: cloudflare-nginx
< CF-RAY: 20e4e95a0abf281c-SJC

Upvotes: 0
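
An added example, not part of any answer above and not Cloudflare, Heroku or Rails code: a small model of the redirect chain from the question, showing how the proxy's SSL mode interacts with force_ssl at the origin. It assumes that Flexible mode always contacts the origin over plain HTTP, that Full mode uses the visitor's scheme, and that force_ssl answers any request the origin sees as HTTP with a 301; the function and parameter names are illustrative.

```python
from urllib.parse import urlsplit

def origin(proto_seen, host, force_ssl):
    """Model of the app: with force_ssl on, a request seen as plain HTTP
    is answered with a 301 to the https:// URL; otherwise 200."""
    if force_ssl and proto_seen != "https":
        return 301, f"https://{host}/"
    return 200, None

def edge(url, ssl_mode, always_https, force_ssl):
    """One request through the proxy. ssl_mode is 'flexible' or 'full'."""
    parts = urlsplit(url)
    if always_https and parts.scheme == "http":
        # "Always use HTTPS": the redirect is issued by the proxy itself.
        return 301, f"https://{parts.netloc}/"
    # Assumption: Flexible -> proxy-to-origin leg is always HTTP;
    #             Full     -> proxy-to-origin leg uses the visitor's scheme.
    origin_proto = "http" if ssl_mode == "flexible" else parts.scheme
    return origin(origin_proto, parts.netloc, force_ssl)

def trace(url, ssl_mode, always_https=False, force_ssl=True, max_hops=5):
    """Follow redirects hop by hop, as repeated `curl -I` calls would.
    Returns (list of (url, status), verdict)."""
    hops, seen = [], set()
    while len(hops) < max_hops:
        status, location = edge(url, ssl_mode, always_https, force_ssl)
        hops.append((url, status))
        if status != 301:
            return hops, "ok"
        if location == url or location in seen:
            return hops, "loop"   # redirected to a URL already requested
        seen.add(url)
        url = location
    return hops, "too many hops"

if __name__ == "__main__":
    start = "http://rapid.essbap.org/"   # hostname taken from the question
    cases = [("flexible", False, True),   # the question: force_ssl behind Flexible
             ("full", False, True),       # Flexible changed to Full
             ("flexible", True, False),   # "Always use HTTPS", no force_ssl
             ("flexible", False, False)]  # Flexible, no force_ssl
    for mode, always, force in cases:
        hops, verdict = trace(start, mode, always, force)
        print(f"{mode:8} always_https={always!s:5} force_ssl={force!s:5} "
              f"{[s for _, s in hops]} {verdict}")
```

In this model only Full keeps TLS on both legs; Flexible stops looping once force_ssl is off, but the proxy-to-origin hop then travels as plain HTTP.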
