Discussion - Too many redirects with cloudflare CDN? | PlexGuide.com

Discussion Too many redirects with cloudflare CDN?

  • Stop using Chrome! Download the Brave Browser via >>> [Brave.com]
    It's a forked version of Chrome with native ad-blockers and Google's spyware stripped out! Download for Mac, Windows, Android, and Linux!
Welcome to the PlexGuide.com
Serving the Community since 2016!
Register Now

syebrexsr

Experienced+
Donor
Patron
May 22, 2020
126
26
Correct. It is the API key for your indexer, not Google or cloudflare. If you have pgclone,.pgshield and traefik deployed, your cloudflare and Google keys will not be used again.
Post automatically merged:

So after someone else ran into this, I checked some things and apparently you can put in *.domain.com/* in the page rules, but you have to have the right config for it to not auto change it to https. A friend was getting the too many redirect error. So I made his settings mirror minr and it worked. My settings are:

Cloudflare dashboard:

SSL/overview tab:

SSL - Full
Min tls - 1.2
Opp encryption - on
Tls 1.3 - on
Auto https rewrite - on
Cert monitoring - your choice

Page rules:
*.yourdomains.com/* (no https in front)
SSL - full
Cache level - bypass
Auto https rewrite - on
Origin cache control - off

With these settings everything works fine for him (and me) and the too many redirects or 525 errors went away.
Ed
Thank you, all is working now and using https. I had a LetCrypt limit reach. Thank you for all the help!
 

fyrstrm

Experienced
Donor
May 1, 2020
90
30
Good thread. Just a quick question though if you don't mind. So are you saying that it's best to have cloudflare setup proxied rather than DNS only for PG? I'm still having trouble with Traefik deploying fully. Everything works but it doesn't successfully completed all operations and then my pgshield options crashes too prior to getting to the menu. I'm wondering if it could be that I'm not using CF proxy but running in DNS only mode. Any thoughts? Thanks
 

Edrock200

MVP
Original poster
Staff
Nov 17, 2019
606
216
Good thread. Just a quick question though if you don't mind. So are you saying that it's best to have cloudflare setup proxied rather than DNS only for PG? I'm still having trouble with Traefik deploying fully. Everything works but it doesn't successfully completed all operations and then my pgshield options crashes too prior to getting to the menu. I'm wondering if it could be that I'm not using CF proxy but running in DNS only mode. Any thoughts? Thanks
Yes most likely your router isnt allowing dns route looping. Set cf to proxy portaner and set ssl to full to get around it. Alternatively you can edit /etc/hosts on ubuntu to point portainer.yourdomain.com to your internal ip (e.g. 192.168.1.x)
 
  • Love
Reactions: 1 user

fyrstrm

Experienced
Donor
May 1, 2020
90
30
Yes most likely your router isnt allowing dns route looping. Set cf to proxy portaner and set ssl to full to get around it. Alternatively you can edit /etc/hosts on ubuntu to point portainer.yourdomain.com to your internal ip (e.g. 192.168.1.x)
Yeah, I spent all last night trying to find out how to hairpin my router and it is no longer supported even through the forked merlin firmware. I got it all working this AM finally and appreciate your and @bodgeup 's assistance. He's been amazing at helping me troubleshoot stuff and get me up and running. Heavy props to those of you who take the time to help people out and respond. Most appreciated. The reason both Traefik and Shield get crashing right out midstream was that my router would not do the NAT loopback and the curl commands couldn't verify portainer as a result. Hopefully other users will see this too as it was a mystery for a long time what was going on. Anyway, it's nice to finally have shield up and running. Thanks gents sincerely!
 
  • Like
Reactions: 1 users

bodgeup

Experienced+
Staff
FreeLancer
Donor
Aug 12, 2018
108
33
Yeah, I spent all last night trying to find out how to hairpin my router and it is no longer supported even through the forked merlin firmware. I got it all working this AM finally and appreciate your and @bodgeup 's assistance. He's been amazing at helping me troubleshoot stuff and get me up and running. Heavy props to those of you who take the time to help people out and respond. Most appreciated. The reason both Traefik and Shield get crashing right out midstream was that my router would not do the NAT loopback and the curl commands couldn't verify portainer as a result. Hopefully other users will see this too as it was a mystery for a long time what was going on. Anyway, it's nice to finally have shield up and running. Thanks gents sincerely!
Hope its all still working lol!
 

Edrock200

MVP
Original poster
Staff
Nov 17, 2019
606
216
Glad you got it working! Curious though, did setting your Ubuntu host to another DNS server, like google public DNS, not work?
 

bodgeup

Experienced+
Staff
FreeLancer
Donor
Aug 12, 2018
108
33
was his firewall not DNS, his TLD wasn't on CF's banned list so soon as he put his instance on DMZ it ran fine. DMZ is there for webservers same as i use mine on.
 
  • Like
Reactions: 1 user

syebrexsr

Experienced+
Donor
Patron
May 22, 2020
126
26
was his firewall not DNS, his TLD wasn't on CF's banned list so soon as he put his instance on DMZ it ran fine. DMZ is there for webservers same as i use mine on.
So basically it sounds that issue was to do with ports, putting it on the DMZ opens all ports for the clients in the DMZ.
 

fyrstrm

Experienced
Donor
May 1, 2020
90
30
Hey guys sorry on vacation. Actually it was DNS. I had to manually put entries in my Ubunt vm so it could pass through to the menu. Putting in the DMZ didn’t help at all...the DNS did though.
 

bodgeup

Experienced+
Staff
FreeLancer
Donor
Aug 12, 2018
108
33
DMZ did have part to play in the problem but yeah I do now remember we used DMZ as u had Github pull issues with PGShield menu. DMZ is where u always stick Webservers anyway so it made sense as DMZ = no traffic Filtering generally (unless you want it), but yeah your right it was the hosts file that fixed this particular problem wasnt it?? Sorry yeah we did so much to get it going but yeah portainer. in hosts file to instance local ip to fix the webserver detection parts.

Reason the Hosts file fix works is because this is what happens with off shelf routers / firewalls they have one NAT rule which isnt always sufficient. But yeah Hosts file to prevent traffic hitting the NAT on the router.

Bodgeup
 
Last edited:

Recommend NewsGroups

      Up To a 58% Discount!

Trending