You are viewing the legacy StackPath SecureCDN Help Center. Please use if you signed up after July 1, 2018 or log in through

StackPath Support

Redirecting to HTTPS while using the StackPath WAF

In this article, we will explain how to redirect HTTP traffic to HTTPS while using the StackPath SecureCDN and WAF enabled. There are a few "gotcha's involved, so please be sure to read closely!

On SecureCDN sites with WAF enabled, EdgeRules only apply to file types that are included in the WAF aggressive caching list. All other requests are filtered by the WAF and passed back to the origin server. 

HTTP to HTTPS redirection with WAF will only work for the root domain and will stop working if you try to modify the redirection with additional rules.
e.g. you may not redirect to  

  1. Log into the StackPath control panel and navigate to the Site where you want to set up redirection. 
  2. Under CDN, choose EdgeRules from the sidebar menu 
  3. Select Add New Rule and chose Force HTTPS Connections
  4. In the create EdgeRule screen, ensure that the Match Type is set to Default and Select +Create


Return to top