Redirect loop using cloudflare's Flexible ssl

Solution 1:

Cloudflare's flexible ssl means the connection between cloudflare and your server is always over http:

Given this - the only server block in the question of relevance is this one:

server {
   listen         80;
   server_name    example.com www.example.com;
   return         301 https://$server_name$request_uri;
}

It should be obvious why that results in a redirect loop, there are 2 solutions to force https connections using their flexible ssl solution.

Use Cloudflare's page rules

If access to the server is exclusively via cloudflare you can use cloudflare's own page rules to modify responses for a domain, subdomain, or any url pattern:

One of the options is to force https:

Test $http_x_forwarded_proto

There are times you may want to avoid using page rules (should be rare or transitional only), for these scenarios it's possible to test the forwarded protocol and redirect based on that:

server {
   listen         80;
   server_name    example.com www.example.com;

   if ($http_x_forwarded_proto = "http") {
     return 301 https://$server_name$request_uri;
   }

   ... directives to generate a response
}

Solution 2:

This can fix the problem if you have the valid SSL certificate on your. [Crypto] box and select Full (strict) as in the image.

Really no need to update the web server configuration file for Nginx.