If you’re reading this, chances are you’ve just set up an Nginx server for your WordPress site, enabled HTTPS, and then… bam! You’re stuck in an endless redirect loop. If you’re using Cloudflare’s proxy service with default settings (yes, the orange cloud is on) and haven’t adjusted any SSL/TLS settings, that’s likely the culprit.

Let’s break down why this happens and, most importantly, how to fix it.

The Issue: Endless Redirects with HTTPS

You thought you’d be securely serving your WordPress site over HTTPS, but instead, your browser says: “The page isn’t redirecting properly.” So what gives?

This frustrating loop often happens when:

  1. You have Nginx configured to force HTTPS (good!).
  2. You’re using Cloudflare as a CDN (also good!).
  3. But… Cloudflare and your server aren’t on the same page about how to handle HTTPS.

This creates a situation where Nginx tries to enforce HTTPS, but Cloudflare, depending on its settings, may be trying to connect to your server over HTTP. The result? They’re each nudging your visitors back and forth, and no one gets through.

Typical Nginx Configuration with WordPress

Here’s a simplified Nginx configuration that many people use to force HTTPS:

server {
    listen 80;
    listen [::]:80;
    server_name yoursite.com;
    root /var/www/wordpress;
    index index.php;

    # Redirect all HTTP requests to HTTPS
    return 308 https://$host$request_uri;

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name yoursite.com;
    ssl_certificate /etc/nginx/ssl/yoursite.com_xxx/fullchain.cer;
    ssl_certificate_key /etc/nginx/ssl/yoursite.com_xxx/private.key;
    root /var/www/wordpress;
    index index.php;
    client_max_body_size 50M;
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;
    location ~ [^/]\.php(/|$) {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
}

Looks good, right? This configuration tells Nginx, “Any HTTP requests? Redirect them all to HTTPS.” But there’s a catch when Cloudflare’s in the picture.

Why the Loop Happens with Cloudflare

The loop usually occurs because of a mismatch in how Cloudflare and your server communicate:

  • Cloudflare lets you set how it handles HTTPS via SSL/TLS settings: Flexible, Full, or Full (Strict).
  • Here’s the kicker: If Cloudflare’s SSL/TLS mode is set to Flexible, it’ll use HTTPS for users but connect to your server over HTTP. Nginx sees an HTTP request and redirects it to HTTPS, sending the request back to Cloudflare, which again connects over HTTP. Voilà — you’re in a redirect loop.

The Solution

The fix? A few quick adjustments on both Cloudflare and WordPress.

Step 1: Update Cloudflare SSL/TLS Settings

Go to Cloudflare’s SSL/TLS settings and make sure you’re using Full (Strict). This setting means Cloudflare will connect to your server using HTTPS and check your certificate. With both Cloudflare and Nginx agreeing to use HTTPS, the redirect loop will end.

Note: Full (Strict) ensures the highest level of security and is recommended if your server has a valid SSL certificate.

Step 2: Verify WordPress URLs

In WordPress, go to Settings > General and make sure both the WordPress Address (URL) and Site Address (URL) are set to HTTPS. If they’re still set to HTTP, WordPress might potentially initiate a redirect back to HTTP, which could lead to another loop. (Just a possibility—WordPress often handles this correctly, but setting it to HTTPS helps avoid any issues.)

To be extra thorough, you can add these lines in your wp-config.php file to enforce HTTPS on the backend:

define('FORCE_SSL_ADMIN', true);
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
    $_SERVER['HTTPS'] = 'on';
}

Step 3: Check Nginx Configuration

With Cloudflare set to Full (Strict), your original Nginx configuration should work as expected without causing a loop. Here’s what it would look like:

server {
    listen 80;
    listen [::]:80;
    server_name yoursite.com;
    root /var/www/wordpress;
    index index.php;

    # Redirect all HTTP to HTTPS
    return 308 https://$host$request_uri;

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
}

Step 4: Clear Cache and Test

Finally, clear your browser cache, restart Nginx, and test your site. You should now be able to access your site without getting caught in that redirect loop!

Final Thoughts

Redirect loops can be frustrating, but by ensuring that Cloudflare and your server agree on HTTPS settings, you can get your site up and running securely. Hopefully, this guide has made the process straightforward!

Got questions or tips? Drop them in the comments!

I am a proud member of Generation X, deeply passionate about IT technology. I have always been fascinated by how technology shapes our world. I thrive on exploring new trends, developing innovative solutions, and sharing knowledge with others.
Last updated on 2024-10-28