WordPress Https Error – Incorrect Redirect or Redirect Loop

WordPress Https Error – Incorrect Redirect or Redirect Loop

You have made a new, beautiful website in WordPress or changed the old server site, inserted an SSl (https) certificate to complete, the main page of your site works seemingly normal, but when you try to access the administrator, through “wp-admin “, the following messages appear:

Mozilla – “Incorrect redirection – Clear cache and cookies”

Chrome – “This web page has a redirect loop”

You went to your browser, cleared the cookies and the cache and nothing solved, searched the internet for solutions that forced or said that the site address was wrong, they asked you to put the following lines in “wp-config.php” :


Okay, that did not work, either! You’ve wasted a lot of time and you have not got a solution.
And now, what to do?

What then?

Your site may be on a server that is behind a proxy, which has restrictions on deliveries with redirects, and for security reasons, blocks your access to the administrator of your site in WordPress, all this, to prevent intrusions.

Here I have some of the most complete solutions that can help to solve your problem, because with them I solved mine, using only items 1 and 2, after much research.

Note: If your site is in a directory (folder), do not forget to enter it in the codes below, where there are references.

1 – In “wp-config.php”, enter this:

define(‘FORCE_SSL_CONTENT’, true);
define(‘FORCE_SSL_ADMIN’, true);
define(‘FORCE_SSL_LOGIN’, true);

2 – Rename your current “.htaccess” to “old_htaccess”, create a new “.htaccess” file place these lines inside it and save it:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^seusite\.com\.br [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.seusite.com/$1 [R=301,L]
# BEGIN WordPress
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

DirectoryIndex index.php index.html home.php

3 – If it does not work with this content above “.htaccess”, delete it and try this one from the site of apiki :

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:X–Forwarded_Proto} ^http$
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [L,R=301]
RewriteCond %{HTTPS} on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond $1 ^(index\.php)?$ [OR]
RewriteCond $1 \.(gif|jpg|css|js|ico)$ [NC,OR]
RewriteCond %{REQUEST_FILENAME} –f [OR]
RewriteCond %{REQUEST_FILENAME} –d
RewriteRule ^(.*)$ – [S=1]
RewriteRule . /index.php [L]

4 – If your site still does not work, due to some providers not delivering the variable “HTTP: X-Forwarded_Proto”, place this code (site of apiki) in your site’s “header.php” (wp-content/themes/seu_theme_escolhido/header.php):

UPDATE of https certification error (07/2018):

If after you have made all the settings, you still have the same error, or just an HTTPS certification validation error, make sure your site uses CLOUDFLARE as the cache to serve static web pages, the error can being in this process.

Sometimes you create an https certificate from your service provider, and using Cloudflare, a problem arises with this certificate, because browsers now receive the https certification that comes from Cloudflare, a certificate from them, which is shared with multiple domains and presents this certificate as if it were yours originally. The certification policies for your site do not beat and cause https certification errors, paralyzing or causing partial site operation.


How to correct:

The form is very simple, first go to www.whynopadlock.com, enter the address of your website and check if the addresses of unknown sites appear in the option: “Domain Matching”.

If they do, it means that your site is using a https certification shared with other sites and this is not being validated with your original https certification, created at your service provider.


The way to correct and test is:

  • Swap DNSs for your provider’s originals
  • Check again if the multiple domains appearing in the test are gone. If they have disappeared, test your site again, it will certainly be working properly. In the “Whynopadlock” options you should see “Valid Certificate“, the text “Your SSL Certificate is installed correctly” and “Domain Matching” or the text “Your SSL certificate matches your domain name!and in Protected Domains: www. your domain .com”.


Related Post