Skip to content
My Docs

CloudflareのDNSでProxyモードを使ってhatenablog.comにCNAMEを設定するとリダイレクトループが発生する

はてなブログのドメインをお名前.comからCloudflare Registrarに移行した

Terminal window
$ curl -v https://blog.lufia.org/
* Host blog.lufia.org:443 was resolved.
* IPv6: 2606:4700:3036::ac43:b2ca, 2606:4700:3034::6815:3840
* IPv4: 104.21.56.64, 172.67.178.202
*   Trying [2606:4700:3036::ac43:b2ca]:443...
* Immediate connect fail for 2606:4700:3036::ac43:b2ca: ネットワークに届きません
*   Trying [2606:4700:3034::6815:3840]:443...
* Immediate connect fail for 2606:4700:3034::6815:3840: ネットワークに届きません
*   Trying 104.21.56.64:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / x25519 / id-ecPublicKey
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=lufia.org
*  start date: Dec 17 15:45:51 2024 GMT
*  expire date: Mar 17 16:15:59 2025 GMT
*  subjectAltName: host "blog.lufia.org" matched cert's "*.lufia.org"
*  issuer: C=US; O=Google Trust Services; CN=WE1
*  SSL certificate verify ok.
*   Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
*   Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA384
*   Certificate level 2: Public key type EC/secp384r1 (384/192 Bits/secBits), signed using ecdsa-with-SHA384
* Connected to blog.lufia.org (104.21.56.64) port 443
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://blog.lufia.org/
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: blog.lufia.org]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.11.1]
* [HTTP/2] [1] [accept: */*]
> GET / HTTP/2
> Host: blog.lufia.org
> User-Agent: curl/8.11.1
> Accept: */*
>
* Request completely sent off
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/2 301
< date: Tue, 17 Dec 2024 17:09:05 GMT
< content-type: text/html
< location: https://blog.lufia.org/
< x-proxy-revision: ee0a2ee4244a4eb8f2d6113ad2be90377bb428ff
< cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnGpvlvHw7s2DdwaYTtsG6PIaiCFDnrctZaP5xyPPfHeF7qXPjkbtTPcUlNtvcUrMqpUb%2BMyUUqEoNNjLI36Nm8M3DLQEm%2FGLPAg0JiwVP%2BGAl7R6P%2FLeVxpt77IgF%2BhNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 8f3884d6fba9807d-NRT
< alt-svc: h3=":443"; ma=86400
< server-timing: cfL4;desc="?proto=TCP&rtt=16895&min_rtt=16825&rtt_var=3665&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3400&recv_bytes=753&delivery_rate=247601&cwnd=239&unsent_bytes=0&cid=99ed15fa74a39595&ts=76&x=0"
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>