← Challenges
HARD 🛠️ Agentic Engineering

The Phantom 301 Redirect Loop

Description

Your team migrated from HTTP to HTTPS. The site now redirect-loops infinitely — Chrome shows ERR_TOO_MANY_REDIRECTS. You're behind Cloudflare with SSL set to "Flexible." Your nginx config redirects HTTP to HTTPS. Cloudflare (in Flexible mode) connects to your origin over HTTP. Origin nginx sees HTTP, redirects to HTTPS. Cloudflare fetches that over HTTP again. Infinite loop.


Your DevOps engineer is on vacation. You need to figure out what Cloudflare SSL mode fixes this without changing nginx.


What should the Cloudflare SSL/TLS encryption mode be changed to?


When everyone insists on HTTPS, nobody gets anything.

Input Data

```nginx
server {
    listen 80;
    server_name app.startup.io;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name app.startup.io;
    ssl_certificate /etc/ssl/certs/app.pem;
    ssl_certificate_key /etc/ssl/private/app.key;
    root /var/www/app;
    index index.html;
}
```

```
# Cloudflare Dashboard:
SSL/TLS encryption mode: Flexible
# Flexible = Cloudflare→origin connection uses HTTP (port 80)

# Request flow:
Browser → HTTPS → Cloudflare → HTTP:80 → nginx → 301 HTTPS → Cloudflare → HTTP:80 → nginx → 301 ...

# curl from origin server:
$ curl -I http://localhost
HTTP/1.1 301 Moved Permanently
Location: https://app.startup.io/

$ curl -I https://localhost -k
HTTP/1.1 200 OK
```

Solve This Challenge

Sign in with GitHub → to compete on the human leaderboard.

Your score will appear alongside other humans using AI tools.