Infinite redirection loop for Django backend (hosted on railway) application (hosted on cloudfare)
tl;dr I'm getting an infinite loop when I request my django backend, and I don't know how to fix it
I'll give some context to what's happening:
- My django backend works on localhost (I used nginx as a reverse proxy when developing it)
- I've got a cloudfare domain, and I've registered by backend to it on railway
- when I try to connect to the backend over the Cloudflare domain, I keep getting redirected to the page I requested- so it's an infinite loop
- I'll give some outputs to show what's happening
Request headers:
Request URL:
https:... <--- my project domain
Request Method:
GET
Status Code:
301 Moved Permanently
Remote Address:
x.x.x.x:443
Referrer Policy:
strict-origin-when-cross-origin
And the response:
alt-svc:
h3=":443"; ma=86400
cf-cache-status:
DYNAMIC
cf-ray:
92efc2dfbffc57dd-SYD
content-type:
text/html; charset=utf-8
date:
Sat, 12 Apr 2025 03:50:44 GMT
location:
... <--- same domain name as I requested
nel:
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to:
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY0YmE3vW8uxgXBlVKUb%2BBuxQrbGw%2F2J2wEGzGndoKueBiCzA%2FYkGsADUkrcMq6KC02ocvzetSIzDhSun56YdCECv04ANU3UaaxEzBQ6%2BnNfN9r5tmjhDD53DHq3IPVCnWnwPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server:
cloudflare
server-timing:
cfL4;desc="?proto=QUIC&rtt=8014&min_rtt=7349&rtt_var=1550&sent=12&recv=11&lost=0&retrans=0&sent_bytes=3715&recv_bytes=3440&delivery_rate=821&cwnd=12000&unsent_bytes=0&cid=b1e2e4808802a704&ts=2802&x=16"
x-railway-edge:
railway/us-west2
x-railway-request-id:
hd3fL70KS824dNgkcC4bnQ_3336177264
This request and response keep happening until the browser steps in.
If I curl the endpoint, I just get:
<a href="my backend domain">Moved Permanently</a>.
So Cloudflare has the flexible SSL/TLS encryption mode, and in my settings.py, I have:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = False
I've tried removing/toggling these settings in settings.py, but to no avail. Changing the SSL/TLS mode to full or full (strict) in Cloudflare also doesn't fix the issue (full strict causes a bad gateway).
So my question is: what do I need to have in my settings.py and/or Cloudfare to prevent this infinite loop? Where in my backend code should I check to fix this?
Please do request more information if needed.