0

I using cloudflare SSL. after install fresh Wordpress I found that in Wordpress general option "WordPress Address (URL)" is set as without "https" i.e http://example.com

so I changed the site address to https://example.com but after that I cannot open. https://example.com/wp-admin I getting following error:

enter image description here

I changed back to http using phpmyadmin and wp-admin page is loading fine. any idea what is the causing problem? without https:// none of my attachment image will visible.

however with SSL front page is loading fine.

Shahpari
  • 115
  • 2
  • 8

1 Answers1

0

The SSL connection is being terminated by Cloudflare, not your WordPress server, so WordPress can't detect that it is being served over an SSL connection, and keeps trying to redirect to https, causing a redirect loop which leads to the error you see in the browser.

Cloudflare sets the X-Forwarded-Proto HTTP header on requests to your origin server to let the origin server know the protocol being used between the client and Cloudflare.

You need modify your wp-config.php to configure your WordPress install to look for the X-Forwarded-Proto HTTP header, as documented at wordpress.org:

If WordPress is hosted behind a reverse proxy that provides SSL, but is hosted itself without SSL, these options will initially send any requests into an infinite redirect loop. To avoid this, you may configure WordPress to recognize the HTTP_X_FORWARDED_PROTO header (assuming you have properly configured the reverse proxy to set that header).

define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) && strpos( $_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false ) {
   $_SERVER['HTTPS'] = 'on';
}
Mark B
  • 183,023
  • 24
  • 297
  • 295