WordPress redirect loop when using CloudFlare – err_too_many_redirects [Solved]

As a wordpress user, or hosting admin i’m sure you have seen it before – the dreaded err_too_many_redirects page.

This is caused by a number of issues, including:

  • Domain name change
  • Changing SSL certificate
  • Incorrect URL configuration
  • Server misconfiguration
  • .htaccess errors
  • Cookie issues
  • Reverse proxy issues
  • HTTPS issues
  • Plugin malfunctions
  • Bad WordPress upgrades
  • Server file permission issues
  • The list goes on, but you get the message…

There are countless reasons that could cause this error, and most of them are easily fixable with a quick google. However Yesterday i came across a new one.

WordPress, Cloudflare & Shared Hosting

If you came here for the Solution here it is:

Edit your wp-config.php file and at the bottom add:

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';

So what causes this?

Well, in this case it was a combination of things, this is very specific to three things in this environment. 1) Shared Hosting. 2)No root SSL Certificate. 3)CloudFlare ‘Always use HTTPS’ settings.

After taking a step back and working out the basics of what i had, and why other ‘fixes’ that usually work, weren’t- i realised what i had here, was a simply reverse proxy. That is, that where the files are hosted without SSL, but the reverse proxy (in this case CloudFlare) was using SSL.

Finally, i found this nugget in the WordPress Codex:
https://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy

And it all clicked.

“If WordPress is hosted behind a reverse proxy that provides SSL, but is hosted itself without SSL, these options will initially send any requests into an infinite redirect loop.

And that is why we need to tell wordpress to force SSL to prevent this WordPress redirect loop when using CloudFlare.

Hope that someone finds this helpful!

DMARC with quotes or without? [SOLVED]

Does my DMARC record need to include quotation marks or not?

9/10 times, no quotes are needed.

However, this all depends on where you edit your DNS.

In the raw DNS zone file, which is what is passed from machine to machine, the .txt record DOES need to be enclosed in quotation marks if it contains spaces. It is unlikely that your domain/DNS provider however will give you direct edit access to this, and instead will be providing their own interface to edit entries with pre-built in quotation marks. Exceptions to this can be found when directly editing via CLI at the root of a server, or when using the raw edit mode on WHM.

For example, Cloudflare will automatically wrap any string of text in a .TXT record in quotes for you, and remove extra quotes you may add,

namesco however will not automatically remove extra quotations to their already provided ones – which could lead to double quotations, and issues further down the line.

It pretty much boils down to your provider, it is best to have a quick skim of their DNS Q&A section – or to test by trial and error!

My favorite testing site is currently https://mxtoolbox.com/DMARC.aspx