WordPress + CloudFront Flexible SSL ends up in redirect loop (https)
This is due to the fact that CloudFlare's Flexible SSL operates as a reverse proxy and connects to the WordPress installation via http
. Wordpress thinks you're connecting via http
and does a redirect to the https
resource. The browser requests the https
resource from CloudFlare and CloudFlare again requests the resource over http
from the WordPress server, resulting in another redirect.
Fortunately there's a solution. CloudFlare sends an http header X-FORWARDED-PROTO that is the protocol used in the connection from the browser to the CloudFlare server. We can use this to tell WordPress that even though the request is happening over http
, the link to the browser is over https
.
In the wp-config.php
file add the following line:
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
It's also crucial that the above line comes before the following line:
require_once(ABSPATH . 'wp-settings.php');
After making that modification the redirect loop will stop and you'll be able to use the admin again.
This ultimately applies to all reverse proxy servers, not just CloudFlare.
In my case we getting this problem because I configure CloudFront origin incorrect.
cloudfront-> origin -> Origin Protocol Policy -> Match Viewer
after this setting my website working fine