[solved] Rules | Redirect Rules is bugged, still working after removed my redirect rule??
Hello anyone know, why rules, exactly the redirect rules, is bugged? I had a rule enabled, but when I removed the rule, still active, and redirect to the page, why this happend??
Of course, I paused proxied, remove dns, pause DNS in the whole domain (for more than 2 hours), and still redirecting to the page, but the rule doesnt exists what should I do?
56 Replies
If you disabled proxy, and it still redirects hours later (After dns propogation), then that redirect is likely from your origin server/not Cloudflare.
What's the source url that is redirecting?
https://gitlab.karasueaters.com
Thats the url, is getting redirect to another site that doesnt exists and I already remove the rule.
The problem is, if I disable cloudflare everything works fine instead of the SSL invalid certificates etc, so I think it is a cloudflare issue
And if I disable only the proxied to that page, works fine too, so I dont know what is going on
There's a redirect to /explore from your origin (can tell because cf-cache-status exists, so CF fetched from your origin, and all of the x-gitlab headers)
I'm guessing Gitlab thinks the root url is on karasueaters.com and not gitlab.karasueaters.com, and it's just trying to redirect to the normal explore page
But is werid after I enable the rule, because I want to tested something, was working well, but when I enable the rule and then remove still redirects
As I know I did not touch anything related in my origin to gitlab
the change you did in Cloudflare isn't related most likely -- this redirect is from your origin itself
it works if you visit the /explore page directly - https://gitlab.karasueaters.com/explore
Usually programs have a "base" or "home" url you can set, which is used for all redirects. It looks like in this case, it's been set to
karasueaters.com when it should be gitlab.karasueaters.comBut I put manually the /explore page in the rules redirects too, because I want use /explore as home page, but I missed whith that will be impossible to login. And thats why I remode the rule and after that is not working
The redirect isn't from Cloudflare
Then why is working if I pause the proxied in clodflare over that url? What im missing?
does it work without Cloudflare? I thought you said you got a cert. error
Because of hsts
I had enable it on through cloudflare
and if you bypassed hsts, it worked & didn't redirect? Or did you not get that far
(opps, I meant if It worked without Cloudflare)
Sure see if works for you and if you can access it without being redirected, I will pause all cloudflare to the domain
sure
Check now
< HTTP/2 302
< server: nginx
< date: Thu, 20 Jul 2023 13:54:38 GMT
< content-type: text/html; charset=utf-8
< content-length: 98
< location: https://karasueaters.com/explore
< cache-control: no-cache
< content-security-policy:
< permissions-policy: interest-cohort=()
< x-content-type-options: nosniff
< x-download-options: noopen
< x-frame-options: SAMEORIGIN
< x-gitlab-meta: {"correlation_id":"01H5SS9JCXSJSJXQ67QA960R9J","version":"1"}
< x-permitted-cross-domain-policies: none
< x-request-id: 01H5SS9JCXSJSJXQ67QA960R9J
< x-runtime: 0.028723
< x-ua-compatible: IE=edge
< x-xss-protection: 1; mode=block
< strict-transport-security: max-age=63072000
< referrer-policy: strict-origin-when-cross-origin
< strict-transport-security: max-age=31536000;
even without Cloudflare (no cf server header), it still does the redirect
you can do it?
im getting hsts problem
I bypassed it, testing via curl
i.e
curl https://gitlab.karasueaters.com/ -vvv -k
you can type "thisisunsafe" on that page to bypass it (no prompt or anything)
where in the chrome console?
no literally just on that screen
there's no prompt or text box, just have the window in focus and type it
what is going on hahaha
it's just a way to bypass HSTS, Chrome didn't want to make it too easy for regular users to do it
I mean I tried like 4 hours ago and was working fine
and now redirects again to main domain
I'm 99% sure it's what I said above, somewhere in your Gitlab configuration you set a "base" or "home url" to
https://karasueaters.com
It thinks the app is running on that URL, so it's redirecting to ityh, I open new private windows and its fine, and redirects to main domain
interesting, I will check nginx so
aaaahh what a headache
I haven't used gitlab before, but it looks like in your gitlab.yml file there's a
host property under gitlab
If you set that, I would make sure it's to gitlab.karasueaters.com and not just karasueaters.com
I don't think it's nginx because the redirect has response headers from gitlab on it, if nginx alone was doing it, you wouldn't have thoseyeah but its weird,
is behind docker compose
and I dont know why is getting main domain
hmm that looks fine
If you want to do something weird just for now, beat that redirect with your own from Cloudflare, create a new redirect rule with contents like
thats will not make a loop?
I mean I need to access main page, because is the login page, if you want to access repositories etc
nah because we're checking if the path is / and going to /explore, and it looks like gitlab isn't redirecting us twice
sign in is on its own page, so are repos, this is just for the root path /
it might not fully work, just an idea to hack around it for now
ofc I was looking for something similar to that line, but maybe is inside the docker machine??
find /etc -type f -print0 | xargs -0 -P 8 -L 1 grep -Hn 'karasueaters.com/explore'you wouldn't find /explore on it, you would probably just find the hostname
karasueaters.compfff maybe Ill die first looking for main domain
hahah
Did you try the redirect rule hack? worth a shot for now imo
nah, but I will try for sure, you want to check it now you mean if works?
yea it might not work for all situations, like if your gitlab instances sends out emails/etc, but if you're only accessing it through the web, it looks like it only uses the configured base url just for the initial redirect and the rest are all relative links, which might work
done
it seems to work other then dns cache being annoying, although I would still recommend trying to find the root cause at some point
cool, I will take a look, but honestly, I only touched the rule in cloudflare and after that, doing some testing rules, stop working fine, and starts the redirect I dont know
but thx for all
you didn't ever have gitlab on
karasueaters.com rather then the gitlab subdomain, or configure something like that?nope never, thats why I dont know what is going on
that's weird, I mean it happens without Cloudflare enabled so it shouldn't be related at all, but no clue why it would change.
I'm not familiar with Gitlab, but there's a few hits for this on the web, ex:
https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6919
It looks like it could be a few causes, one being external_url being set wrong, another being this
"Under the Admin Area the following was configured:
Settings > General > Sign-in restrictions : Home-Page URL was misconfigured, so non-authenticated users would be directed to the webpage..."
Might be worth reading over that entire thing if that doesn't fix it, they walk through a lot of the potential causes, another being the homepage url (it asks you for on setup?)
GitLab
Gitlab page call redirects to www.domain.tld (#6919) · Issues · Git...
Hello all, I've recently started experiencing a strange phenomenon that doesn't point to its origin. Gitlab runs on its own infrastructure in the Community...
hooolyy, how can I be so stupid lmao
take a look
hahahaha
no way
lol try changing those to gitlab subdomain, and then disabling the redirect rule you created in CF
I was like 3 days looking for this error
thats it
check it now with curl
I get redirrected to the login page now instead of the /explore page, but guessing that's what you configured
yeah, the main page, redirects via to login page, and if you want to look out in "explore", you can press the link below for example
thats how it works, so nice
ah ok nice, yea that's a lot cleaner then the redirect rule hack, at least it was semi-simple
hahah yep, thanks dude!