Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

forceSSL & Cloudflare #1034

Open
SachaG opened this issue Nov 22, 2018 · 2 comments
Open

forceSSL & Cloudflare #1034

SachaG opened this issue Nov 22, 2018 · 2 comments

Comments

@SachaG
Copy link

SachaG commented Nov 22, 2018

I have SSL set up with LetsEncrypt and forceSSL: true, and it works great. I use Cloudflare as a DNS provider and wanted to set up a redirection from www.xyz.com/* to xyz.com/*.

But as soon as I activated Cloudflare (as opposed to only using it for DNS) the site stopped working and I started running into an endless 301 redirect loop.

Turning forceSSL off stopped the loop, but if I do that I can only access the non-SSL version of the site (entering https just redirects me to it).

Is anybody successfully using Cloudflare with Mup's SSL? What does your config look like? Also does it make a big difference whether I use Mup's or Cloudflare's SSL?

My info:

Mup version (mup --version): 1.4.5

{
  "servers": {
    "one": {
      "host": "1.2.3.4",
      "username": "root",
      "password": "password"
    }
  },
  "proxy": {
    "domains": "zenshome.jp,www.zenshome.jp",
    "ssl": {
      "letsEncryptEmail": "engineering@zens.tokyo",
      "forceSSL": true
    }
  },
  "app": {
    "name": "my-app",
    "path": "../../",
    "servers": {
      "one": {}
    },
    "buildOptions": {
      "serverOnly": true
    },
    "env": {
      "ROOT_URL": "https://host.com",
      "MONGO_URL": "mongodb://user:pass@subdomain.subdomain.host.com:16722/zensroom?ssl=true",
      "VIRTUAL_HOST": "zenshome.jp,www.zenshome.jp",
      "HTTPS_METHOD": "redirect",
      "HTTP_FORWARDED_COUNT": 1,
      "LETSENCRYPT_HOST": "zenshome.jp,www.zenshome.jp",
      "LETSENCRYPT_EMAIL": "engineering@zens.tokyo"
    },
    "docker": {
      "image": "abernix/meteord:node-8.9.1-base",
      "prepareBundle": false,
      "stopAppDuringPrepareBundle": true
    },
    "deployCheckWaitTime": 120,
    "enableUploadProgressBar": true,
    "type": "meteor"
  }
}
@SachaG
Copy link
Author

SachaG commented Nov 26, 2018

So it seems like I need to turn forceSSL off and then enable SSL on Cloudflare's side. You can't use Cloudflare's caching, CDN, etc. unless you also use their SSL. You can then check "Always Use HTTPS" in Cloudflare's dashboard.

This seems to work except I'm now getting a 403 error when querying my GraphQL endpoint during the SSR process. Which is unrelated to Mup, but now I'm wondering if maybe I shouldn't just give up on Cloudflare for now…

@ghost
Copy link

ghost commented Feb 26, 2019

Dear website owner,

Please stop using CloudFlare.
You're doing it wrong.

Take a look:
Problem with CloudFlare
General problem with Cloudflare's MITM attack on the Internet
Why Cloudflare?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SachaG