Fixing The WordPress Infinite Redirect With HTTPS
About The Author
Cabe Nolan is the founder of WP Cover where he shares his insight into WordPress, development, & entrepreneurship. Outside of WPCover, Cabe continues to run a successful WordPress development firm, Bold City Design as well as a few high profile websites, Arrivala, Two Way Resume, Dock Skipper, and a successful outdoors brand, DolfinPack. Fixing The WordPress Infinite Redirect With HTTPS
Following Google’s algorithm change about a year ago, giving websites a slight SEO boost when serving your content over https, there has been a large spark in clients looking to convert their site. However, changing over your site can be a nightmare if you’re not familiar with the setup process. The most common error I hear about and have to resolve is the “infinite redirect” after switching to https. In short, the website will continue to redirect again, again, again, and again, until your browser finally catches on and shows an error message.
How do we fix it? There’s a lot of different articles out there on fixing the issue but I’ve found most to either:
- Not work
- Provide ridiculous trial and error steps that don’t get you anywhere
- Are to broad in how they’re written
So I decided to write a simple, straight forward approach to hopefully fix the issue. You will need to login to your server via FTP and get open up both your .htaccess and your wpconfig.php file.
In your .htaccess, add the following lines above where it says #BEGIN WordPress:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
So your entire .htaccess file might look something like:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Next, we’ll make a little change to the wp-config.php file. At the very top of the file, we’re going to add:
if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"] ) && "https" == $_SERVER["HTTP_X_FORWARDED_PROTO"] ) {
$_SERVER["HTTPS"] = "on";
}
So the first 20 or so lines of your wp-config.php file might look something like:
<?php
if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"] ) && "https" == $_SERVER["HTTP_X_FORWARDED_PROTO"] ) {
$_SERVER["HTTPS"] = "on";
}
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, and ABSPATH. You can find more information by visiting
* {@link http://codex.wordpress.org/Editing_wp-config.php Editing wp-config.php}
* Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/
// ** MySQL settings - You can get this info from your web host ** //
That’s it! Your site should now redirect properly to the homepage or login page when typing in the appropriate URLs. These snippets are based off of the great WordPress plugin, Really Simple SSL, which can be downloaded from the repository here: https://wordpress.org/plugins/really-simple-ssl/
Let’s secure up those sites and make the internet a safer place for all!
Related Stuff You Might Like
Share Your Thoughts