Cloudflare Universal SSL with Haproxy

Until Let’s Encrypt is up and running its possible to use Cloudflare that has this great free service called Universal SSL where they basically offer free wildcard certificates for all their customers. I am not affiliated with Cloudflare in any way but they do offer some nice stuff for free.

Anyway I thought it would be nice to be able to access my pages directly over http as long as I connect directly, but to force SSL for my domains and the rest of the world using CF.

Since CF are nice enough to add a header that says if the initial client request was using http or https I can just check it and redirect based on that.

Just add the following snippet to the frontend part of haproxy.cfg

acl cf hdr_reg(CF-Visitor) "scheme":"http"
redirect scheme https code 301 if cf

And thats it, https for everyone.