Redirect Loops

My website is in a redirect loop

When you experience a redirect loop, this can be caused by several things. On activation, Really Simple SSL adds a WordPress 301 redirect (as of 2.5.9). You can prevent this redirect from being used either by disabling it in the settings, or, if you can’t access the settings, adding

define(“rsssl_no_wp_redirect”, true);

to your wp-config.php.

Another option is to activate Really Simple SSL in safe mode (as of 2.5.9). This will activate Really Simple SSL with the least possible changes.

Most steps below can be done without access to the back-end. If these steps all fail, and you still have a redirect loop, you can always deactivate using the remove script, or manually.

You can try to track down the cause systematically by following these steps:

Check if you have Varnish Cache active

Varnish often causes issues on SSL. Ask your hosting company if Varnish is active, and if they can disable it to see if that helps. With a service like you can see if your site uses Varnish Cache. If so, you should be able to deactivate Varnish in your webhosting dashboard, like CPanel.

Check your certificate

In some cases a certificate with chain issues can cause issues. Check if your certificate is ok on It should at least grade an A.

A plugin redirects back to http

If, without Really Simple SSL active, you type in the url of your website with https, and get redirected back to http, there is a redirect to http active, which will cause redirect loops when a redirect to https is added.

  • Check other plugins
    Multilanguage plugins, login plugins, redirect plugins, or even WooCommerce with certain settings can redirect to http.
  • Check if your .htaccess or nginx.conf contains redirects to http.
    If you have other redirects in place, this could conflict with the redirect of Really Simple SSL.

CDN, like CloudFlare

On your CloudFlare settings page, you should have SSL activated. Please check if you have any page rules redirecting to http.

You might need to add a page rule. The result would look like this:

It’s best to temporarily pause Cloudflare for your domain, and disable protocol rewriting to https when enabled. After successfully enabling CloudFlare, you can try if it works when you enable again.

If these steps didn’t help

If these steps all fail, and you still have a redirect loop, you can always deactivate using the remove script, or manually.

Related Articles

  • Redirect loop in WordPress admin only, not on front end

    WordPress depends on a variable, $_SERVER[“HTTPS”] to check if it is on SSL. As a consequence, when this variable is not set, and SSL is forced, WordPress tries to redirect back...
  • Remove .htaccess redirect on site lockout

    When you enable the setting “htaccess redirect” in settings/ssl/settings, Really Simple SSL detects the best redirect, then opens a testpage to verify this option won’t result in redirect loops. Even...
  • Using safe mode

    Migrating to SSL can cause unexpected side effects. When caching is causing redirects, or a plugin redirects back to http, or other such issues, it can be helpfull to activate...
  • How to uninstall / deactivate when backend is not accessible

    There are situations where you can get locked out of the backend of WordPress. For example, if you do not have a valid SSL certificate, and you forced it anyway...


  • Eyal Oren

    This redirect loop is so frustrating.

    I literally can’t even save the settings to stop the plugin from writing to .htaccess before it writes to it and locks me out again. I keep removing the added text to the .htaccess file but am not fast enough to save the settings in the plugin.

    No idea why I’m in this look either. Could it be because I have set Settings/General/site address as https://…?

    • Rogier Lankhorst

      There is another way to prevent .htaccess from being edited.
      In the wp-config.php, add:

      • Eyal Oren

        Thanks for the quick reply but that did not work

        I added the line at the end of my wp-config file

        Clicked on the SSL Settings page and was back in a redirect loop

        I tried to change the Settings/General/site address to http:// thinking that was the problem but it did not change anything.

        I literally cannot update the plugin or go into the settings without ending up in a redirect loop.

        So strange.

        • Eyal Oren

          UPDATE: Looks like I actually had the Safari redirect issue

          Loaded in Chrome and was able to check the ‘stop editing htaccess file’

          All good now.

  • mark

    there are some problems with these instructions is
    1. Once you have a redirect loop you can’t login to disable other plugins
    2. Lots of people do not use .htaccess – nginx is pretty popular these days.

    How do I disable really simple ssl now that I have redirect loops given I don’t use .htaccess?
    Where is the javascript redirect installled (I’m assuming that’s the problem).
    What do I edit in other plugins to make them play nicely with this plugin (assuming disabling them fixes anything(?
    How do I remove this plugin without being able to login?

  • Clemens

    Hello today I purchased the Really Simple SSL per page to secure just 2 pages in my WP installation. I bought it to avoid errors to the whole installation. So if i enable SSL for this 2 pages they are caught in that famous ssl loop. Woocommerce checkout process works with ssl so there might be no problem with the ssl certificate. Outside the woocommerce checkout i do not use ssl just the 2 pages I want to secure. So how can I avoid that loop for these 2 pages?

    • Rogier Lankhorst

      If you type in the url of one of these pages with https, does it redirect to http? If a redirect loop is generated something else is redirecting back to http. This might be a plugin, or a .htaccess rule.

      • Clemens

        If I type in the page with https it will be shown without! There is a normal page. If I use the plugin and set the page to ssl there is the loop with http and with https.

        • Rogier Lankhorst

          If you type the url with https, and you get a http page in return, there is a redirect to http on your site. This explains the redirect loop. So you need to remove the redirect first.

Leave a Comment