Introduction

Cloudflare page rules with the Forwarding URL setting create redirects at the edge before the request reaches the origin server. When both Cloudflare and the origin server are configured to redirect the same URL pattern, a redirect loop occurs: Cloudflare redirects to URL A, URL A redirects back to URL B, and Cloudflare redirects again. Browsers detect this loop after 20 redirects and show ERR_TOO_MANY_REDIRECTS.

Symptoms

  • Browser shows ERR_TOO_MANY_REDIRECTS or This page is not redirecting properly
  • curl -vI https://example.com shows repeated 301/302 responses cycling between URLs
  • Redirect loop only occurs when Cloudflare proxy is enabled
  • Site works when bypassing Cloudflare (direct origin access)
  • Cloudflare dashboard shows high redirect counts in analytics

Common Causes

  • Cloudflare Forwarding URL redirects HTTP to HTTPS, and origin also redirects HTTP to HTTPS
  • Cloudflare redirects www to non-www, and origin redirects non-www to www
  • Page rule pattern is too broad (e.g., *example.com/*) creating overlapping redirects
  • SSL mode set to Flexible while origin redirects to HTTPS (classic loop)
  • Multiple page rules with conflicting redirect targets

Step-by-Step Fix

  1. 1.Trace the redirect chain:
  2. 2.```bash
  3. 3.curl -vIL https://example.com 2>&1 | grep -E "< HTTP|< Location"
  4. 4.# This shows the full redirect chain
  5. 5.# Look for the cycle pattern
  6. 6.`
  7. 7.Check the Cloudflare SSL mode:
  8. 8.- In the Cloudflare dashboard, go to SSL/TLS > Overview
  9. 9.- If set to Flexible and origin redirects to HTTPS, change to Full or Full (strict)
  10. 10.- Flexible means CF connects to origin over HTTP, which causes the loop when origin redirects to HTTPS
  11. 11.Review all page rules for conflicts:
  12. 12.- Go to Rules > Page Rules in the Cloudflare dashboard
  13. 13.- Look for overlapping or conflicting Forwarding URL rules
  14. 14.- Page rules are evaluated in order - the first matching rule wins
  15. 15.- Disable conflicting rules to isolate the problem
  16. 16.Fix the redirect at the correct layer:
  17. 17.`
  18. 18.# Choose ONE place to handle redirects:

# Option A: Handle all redirects in Cloudflare page rules # Remove redirect rules from the origin server # Use CF page rules for: HTTP->HTTPS, www->non-www, etc.

# Option B: Handle redirects at the origin server # Remove Forwarding URL page rules from Cloudflare # Configure redirects in Nginx/Apache ```

  1. 1.For Nginx, configure redirects at the origin:
  2. 2.```nginx
  3. 3.server {
  4. 4.listen 80;
  5. 5.server_name example.com www.example.com;
  6. 6.return 301 https://example.com$request_uri;
  7. 7.}
  8. 8.server {
  9. 9.listen 443 ssl;
  10. 10.server_name www.example.com;
  11. 11.return 301 https://example.com$request_uri;
  12. 12.}
  13. 13.`
  14. 14.Clear Cloudflare cache after fixing redirects:
  15. 15.```bash
  16. 16.# In Cloudflare dashboard: Caching > Configuration > Purge Everything
  17. 17.# Or via API:
  18. 18.curl -X POST "https://api.cloudflare.com/client/v4/zones/ZONE_ID/purge_cache" \
  19. 19.-H "Authorization: Bearer API_TOKEN" \
  20. 20.-H "Content-Type: application/json" \
  21. 21.--data '{"purge_everything":true}'
  22. 22.`

Prevention

  • Choose a single redirect authority (Cloudflare or origin) - do not use both
  • Set Cloudflare SSL mode to Full (strict) to avoid HTTP/HTTPS redirect loops
  • Document all redirect rules in a central registry
  • Test redirect chains after any page rule or origin configuration change
  • Use curl -vIL as part of deployment validation to detect redirect loops