Redirect loop in WordPress admin only, not on front end

WordPress depends on a variable, $_SERVER[“HTTPS”] to check if it is on SSL. As a consequence, when this variable is not set and SSL is forced, WordPress tries to redirect back to http. This causes redirect loops on the back-end only, and not on the front-end.

Really Simple Security fixes this by adding the following line to your wp-config.php file:

$_SERVER["HTTPS"] = "on";

If you have enabled the Really Simple Security plugin and clicked “Activate SSL”, but still experience this issue: something might have gone wrong with the editing of the wp-config.php file. In that case, you could try to insert this line manually.

Simple and Performant Security.


Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate generation.