Redirect admin area requests to HTTPS

Create a redirect rule to redirect requests for the administration area of `store.example.com` to HTTPS, keeping the original path and query string.

This example dynamic redirect for zone example.com will redirect requests for the administration area of a specific subdomain (store.example.com) to HTTPS, keeping the original path and query string.

Example

When incoming requests match

Field: SSL/HTTPS
Value: Off

And

Field: Hostname
Operator: equals
Value: store.example.com

And

Field: URI Path
Operator: starts with
Value: /admin

If you are using the Expression Editor, enter the following expression:
(not ssl and http.host eq "store.example.com" and starts_with(http.request.uri.path, "/admin"))

Then

Type: Dynamic
Expression: concat("https://", http.host, http.request.uri.path)
Status code: 301
Preserve query string: Enabled

The rule includes SSL/HTTPS: Off (not ssl in the rule expression) to avoid redirect loops.

For example, the redirect rule would perform the following redirects:

Request URL	Target URL	Status code
`http://store.example.com/admin/products/`	`https://store.example.com/admin/products/`	`301`
`https://store.example.com/admin/products/`	(unchanged)	n/a
`http://store.example.com/admin/?logged_out=true`	`https://store.example.com/admin/?logged_out=true`	`301`
`http://store.example.com/?all_items=true`	(unchanged)	n/a
`http://example.com/admin/`	(unchanged)	n/a

Cloudflare Dashboard Discord Community Learning Center Support Portal