1 min read

WordPress too many redirects to wp-admin while using Cloudflare

I have a stand alone WordPress install that has been running along just fine for years. Recently it started throwing an error when trying to login or visit the wp-admin

Too many redirects occurred trying to open “{domain}/wp-admin”. This might occur if you open a page that is redirected to open another page which then is redirected to open the original page.

What happen was the site was utilizing Cloudflare and for the SSL encryption it had flexible enabled. Flexible means the browser uses https and a secure connection, but from Cloudflare to the server it’s not.

The Cloudflare ssl setting

So what was happening is WordPress thought the connection wasn’t secure and kept trying to redirect back to itself. Causing an infinite loop. The way to fix this, would be either to go “Full” mode in Cloudflare or use a reverse proxy. If you go the reverse proxy route just add the following to the wp-config.php file:

define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain 
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';

With this in place the redirects should stop and you can then login and use your site as normal. Of course, the best practice is you should enable the Full mode in Cloudflare and install their certificate on your server. But for a quick fix the reverse proxy is easy to use.