I have a stand alone WordPress install that has been running along just fine for years. Recently it started throwing an error when trying to login or visit the wp-admin

Too many redirects occurred trying to open “{domain}/wp-admin”. This might occur if you open a page that is redirected to open another page which then is redirected to open the original page.

What happen was the site was utilizing Cloudflare and for the SSL encryption it had flexible enabled. Flexible means the browser uses https and a secure connection, but from Cloudflare to the server it’s not.

The Cloudflare ssl setting

So what was happening is WordPress thought the connection wasn’t secure and kept trying to redirect back to itself. Causing an infinite loop. The way to fix this, would be either to go “Full” mode in Cloudflare or use a reverse proxy. If you go the reverse proxy route just add the following to the wp-config.php file:

define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain 
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';

With this in place the redirects should stop and you can then login and use your site as normal. Of course, the best practice is you should enable the Full mode in Cloudflare and install their certificate on your server. But for a quick fix the reverse proxy is easy to use.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s