Did you know that you can navigate the posts by swiping left and right?

GitHub Pages with Multiple Custom Domains and SSL Redirect

30 Jul 2018 . Category . Comments #meta

I’ve been hosting my website on GitHub pages for several years. It’s a great way to host a static site like this one, and offers the ability to use a custom domain and free https. This is the story of what happens when you change out custom domains.

The custom domain I’ve been using is andrewmolney.name. I bought it years ago when the .name came out because it was supposed to be ‘the thing’ that everyone uses for their personal sites (this was before .me). In the meantime, it has become widely used for hacking and no one understood what it was. Still it appeared on the first page of Google hits, so it was OK.

It occured to me the other day that while I never felt comfortable with .com and .org for my personal website, I didn’t have a problem at all with .ai. Actually it felt really appropriate. So I proceeded to buy olney.ai.

Switching out the custom domain with GitHub went pretty smoothly (I bounced back and forth on whether to make olney.ai primary or www.olney.ai primary and finally settled on olney.ai). However, Google search results still listed https://www.andrewmolney.name, so I needed to do a redirect. No problem, right?

Turns out, this is a bit trickier than you might think. There are two issues here:

In other words, it has to be a redirect, and your redirect has to have an ssl certificate. So my GoDaddy andrewmolney.name 301 redirect didn’t work.

To solve this, I used Cloudflare as has been been suggested for multiple custom GitHub domains. However, this is not widely discussed in detail, and the https case seems to be discussed even less. So for future reference, here are the steps:

  • Set up a free Cloudflare account, using their nameservers
  • Create two CNAME records between the redirecting custom domain and the custom domain used by GitHub. In my case it was (in Cloudflare vernacular) www is an alias of www.olney.ai and andrewmolney.name is an alias of olney.ai. The later case uses CNAME flattening
  • Create a page rule mapping the redirecting custom domain to the custom domain used by GitHub. In my case it was *andrewmolney.name/* as 301 to https://olney.ai/$2.
  • Set Cloudflare SSL to Full (Strict)

What does this do? Cloudflare enables flexible SSL by default. The CNAMEs are necessary to route traffic through Cloudflare, otherwise there’s nothing for the page rule to act on. The page rule matches any protocol or subdomain (left hand side) and any trailing directories (right hand side) and maps that to https://olney.ai/(right hand side) using variable substitution. Since the right hand side is the second capture group, the variable is $2 instead of $1. Once things are set up, you set SSL to strict to remove the security holes created by flexible.

All in all, it was pretty simple to do, but somewhat annoying given the many possible variations in the page rule and possible redirect targets.