As a wordpress user, or hosting admin i’m sure you have seen it before – the dreaded err_too_many_redirects page.
This is caused by a number of issues, including:
- Domain name change
- Changing SSL certificate
- Incorrect URL configuration
- Server misconfiguration
- .htaccess errors
- Cookie issues
- Reverse proxy issues
- HTTPS issues
- Plugin malfunctions
- Bad WordPress upgrades
- Server file permission issues
- The list goes on, but you get the message…
There are countless reasons that could cause this error, and most of them are easily fixable with a quick google. However Yesterday i came across a new one.
WordPress, Cloudflare & Shared Hosting
If you came here for the Solution here it is:
Edit your wp-config.php file and at the bottom add:
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
So what causes this?
Well, in this case it was a combination of things, this is very specific to three things in this environment. 1) Shared Hosting. 2)No root SSL Certificate. 3)CloudFlare ‘Always use HTTPS’ settings.
After taking a step back and working out the basics of what i had, and why other ‘fixes’ that usually work, weren’t- i realised what i had here, was a simply reverse proxy. That is, that where the files are hosted without SSL, but the reverse proxy (in this case CloudFlare) was using SSL.
Finally, i found this nugget in the WordPress Codex:
https://codex.wordpress.org/Administration_Over_SSL#Using_a_Reverse_Proxy
And it all clicked.
“If WordPress is hosted behind a reverse proxy that provides SSL, but is hosted itself without SSL, these options will initially send any requests into an infinite redirect loop.
And that is why we need to tell wordpress to force SSL to prevent this WordPress redirect loop when using CloudFlare.
Hope that someone finds this helpful!