Fixing ERR_TOO_MANY_REDIRECTS in WordPress

I have been playing with WordPress on and off for many years now, and although I’m not a heavy plugin user (The less plugins you use, the less windows you leave open to potential vulnerabilities), one of the plugins I rely on is Really Simple SSL.

Really Simple SSL makes it extremely easy to create and deploy your Let’s Encrypt free SSL certificate, renew it automatically, as well as to force URL redirect from HTTP to HTTPS, and although this later feature is great, more often than not it has caused me some issues as it can cause your entire site to be stuck on a redirect loop under the dreaded error ERR_TOO_MANY_REDIRECTS.

This error can make your entire site inaccessible (including the WordPress admin portal), and it is usually caused when the Really Simple SSL is not correctly configured, as it can cause your site to keep redirecting to itself, getting stuck in a loop. And while that sounds terrible, this is error has a very simple fix – We would just need to edit the wp-config.php file for our site.

For most WordPress deployments (Except for managed wordpress services like GoDaddy’s Managed WordPress, where they block the access to the file manager behind WordPress), you should be able to access all the configuration files that form your site. And to fix this specific issue, you will need to find the wp-config.php file for your site (often found in the root folder or /public_html folders).

Before editing the wp-config.php file, and as anytime we edit any important configuration file, it is highly recommended to save a backup of the file before applying any actual changes.

Some hosting providers may allow you to edit this file from your own browser, while others may require you to manually download the file to your computer, apply changes, and then re-upload.

Once you open the file, you will see there are many lines defining your database details, authentication key details, etc.

You will need to go to the end of this file, and add the following lines:

wp-config.php

//Begin Really Simple SSL ERR_TOO_MANY_REDIRECTS fix
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https", "HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_FORWARDED_SSL"=>"1");
foreach( $server_opts as $option => $value ) {
  if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {
    $_SERVER[ "HTTPS" ] = "on";
  }
}
//END Really Simple SSL ERR_TOO_MANY_REDIRECTS fix

This code will check if HTTPS is already the default configuration for each forwarding and if so, it will not try to force any additional forwards.

After adding this snippet, you can save changes (and re-upload the file if needed). This should fix the ERR_TOO_MANY_FORWARDS issue right away.

Related Posts

Yara writeup – TryHackMe

The Open University – Cisco CyberOps forensic investigation (Final Assessment)

Email aliases, online identity and threat modelling

Leave a ReplyCancel Reply