Troubleshooting 301 redirect "This webpage has a redirect loop" error with CloudFlare SSL

(Tobias Eigen) #1

Continuing the discussion from Allowing SSL for your Discourse Docker setup:

I ran into an odd problem after following the steps to allow SSL for my discourse docker setup - after turning on cloudflare, my chrome web browser started showing me a “this webpage has a redirect loop” error. It was not showing up when cloudflare was disabled. So I assumed it was a cloudflare issue and submitted a ticket. The response I got is below which I wanted to share for future reference for myself and for others who might find themselves in this situation.

The answer was to bootstrap my container to reflect the new templates - @sam’s instructions to run ./launcher rebuild app didn’t do it in my case unless I am confused (which is quite possible! :smile:). I ran ./docker bootstrap app it immediately started working correctly again.

The troubleshooting commands that showed the problem are here - you would replace URL with your forum URL and IP with your destination IP.

$ curl -vso dev/null 
$ curl -vso dev/null -H "host:" 

And the full explanation from cloudflare support:

Hi Tobias,

Taking a look, I wasn’t able to trigger the error - the site would resolve with both SSL and CloudFlare active. However I did notice that requests sent to the domain would never respond properly - there is a 301 redirect on that points to itself:

$ curl -vso dev/null

  • Trying…
  • Connected to ( port 443 (#0)
  • TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • Server certificate:
  • Server certificate: GlobalSign Organization Validation CA - G2
  • Server certificate: GlobalSign Root CA
    GET / HTTP/1.1
    User-Agent: curl/7.30.0
    Accept: /

< HTTP/1.1 301 Moved Permanently

  • Server cloudflare-nginx is not blacklisted
    < Server: cloudflare-nginx
    < Date: Tue, 07 Oct 2014 20:57:41 GMT

    < Location:

The redirect was in place even if I send a request directly to you origin:

$ curl -vso dev/null -H “host:”

  • About to connect() to port 80 (#0)
  • Trying…

    < HTTP/1.1 301 Moved Permanently
  • Server nginx/1.6.2 is not blacklisted
    < Server: nginx/1.6.2
    < Date: Tue, 07 Oct 2014 21:03:17 GMT

    < Location:

While I was unable to trigger it from my end, likely this is why the loop is ocurring. You will need to remove this 301 redirect set on

I hope that helps, but if you have any questions or concerns please let me know.


(Jeff Atwood) #2

@sam is there any reason bootstrap would be required here?

(Sam Saffron) #3

Rebuild does a bootstrap. There is a long standing issue I need to fix though, it starts the process with a git pull, but does not re-launch itself if it detects changes. I want to get that fixed.

Regardless - Rebuild == git pull - bootstrap - destroy - start

(Kane York) #4

Try this:


if [ -f zzzzzz ]; then
        rm zzzzzz
        echo "removed zzzzzz"
        exec $0 $@

touch zzzzzz
echo "created zzzzzz"

The ‘exec’ command replaces the shell process.


leaving this for others reaching this topic after me

did the ssl setup as in the first post
was using cloudflare as cdn front end
got a redirect loop

the solution to my redirect loop problem was changing ‘flexible’ to ‘full’ in cloudflare ssl configuration, as explained here: