CloudFlare Flexible SSL Rewrite HTTPS for Apache

kurozael

Summary

CloudFlare allows you to have up to 3 page rules for free, but it takes 1 page rule to force redirection to HTTPS for just one particular subdomain. You can get around this by actually adding the following rewrite config to the <VirtualHost> setup in your website's Apache .conf file.

This means that you can use Flexible SSL with CloudFlare and force your website to always redirect users to the HTTPS version.

Requirements

Apache
CloudFlare
Flexible SSL
mod_rewrite

Rewrite Config

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP:CF-Visitor} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

View GitHub Gist

vex

Good to note for anyone that knows mod_rewrite a little bit: you can't omit the HTTP:X-Forwarded-Proto header like most and many other HTTP>HTTPS rewrite conditions. You need this header to check for protocols between your server and the CF load balancers. I myself hadn't realized this for the longest time.