Redirect loop on wp-admin or wp-login.php

I put together a quick WordPress site locally using MAMP, then checked it into an SVN repo. I then checked it out on to my development server.

I didn’t change anything except to run the search and replace tool script from Interconnectit to updated the URL of the site in the database on the server.

Read More

Initially, I got a 500 server error. Checking the logs, I discovered that this “SoftException” was because index.php was writeable by group – the permissions were 664. No problem – a quick change of permissions to 644 sorted that. So now the frontside was working.

However, strangely, the admin side of the site did not work. It just produced an endless redirect loop in all browsers.

Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

Nothing has changed since the local development version. The htaccess file is just a standard WordPress one. Nothing weird… still working fine locally.

So what’s going on?

Related posts

Leave a Reply

16 comments

  1. For whatever reason /wp-admin/ path causes a redirect loop, but /wp-admin/index.php does not. As such, we can use .htaccess to redirect the /wp-admin/ path to /wp-admin/index.php by adding the following line to your .htaccess file after “RewriteBase /” line like this:

    RewriteBase /
    RewriteRule  /wp-admin/ /wp-admin/index.php [L,P]
    

    It worked for me like that.
    You final .htaccess would probably look like this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule  /wp-admin/ /wp-admin/index.php [L,P]
    RewriteRule ^index.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress
    
  2. Checking the permissions of wp-login.php revealed that they too had somehow been set to 664 – the same permissions that caused index.php to fail and caused the 500 server error.

    I changed the permissions of wp-login.php to 644 and hey presto, the WordPress login page showed up.

    But on logging in, another redirect loop. So, once again, looking at /wp-admin/index.php, the permissions were 664 rather than 644.

    Fixing them led to problems with the next files in line – the dashboard was a right mess. One by one, changing from 664 to 644 corrected the issues (/wp-admin/load-scripts.php, /wp-admin/load-styles.php).

    So it became obvious that a recursive change of permissions was the only way to sort things out.

    My UNIX isn’t exactly top notch, but this appears to have worked (running from Mac OS X Terminal). I ran it from the root directory of this WP install.

    find . -type f -perm 664 -print -exec chmod 644 {} ;
    

    There might be a better command, but I understand this to mean “find all files with 664 permissions and change them to 644”.

    It has fixed my problem.

  3. If you’re using Cloudflare you might want to try adding this to the TOP of your wp-config.php file:

    define('WP_SITEURL', 'https://www.example.com');
    define('WP_HOME', 'https://www.example.com');
    define('FORCE_SSL_ADMIN', true);
    define('FORCE_SSL_LOGIN', true);
    if(isset($_SERVER['HTTP_CF_VISITOR']) && strpos($_SERVER['HTTP_CF_VISITOR'], 'https')){
      $_SERVER['HTTPS']='on';
    }
    

    It’s important that you add it to the top of the wp-config.php file or you’ll end up with “Sorry, you are not allowed to access this page” error messages.

    Credit: https://www.meltajon.com/dev/wordpress-wp-admin-redirect-loop-with-cloudflare-ssl

  4. with nginx config I had originally only this line and experienced the same redirect issue:

    location / {
        try_files   $uri /index.php$is_args$args;
    }
    

    after adding this everything was fine:

    location /wp-admin/ {
        index index.php;
        try_files $uri $uri/ /index.php$args;
    }
    
  5. I just had to flush my redirects.
    Since I couldn’t access the Admin I added this to the top of my functions.php file:

    flush_rewrite_rules();
    exit;

    Saved it and refreshed my site.
    Then remove the code from your functions.php file and then refresh again.
    That did it for me.

    I also think it might be a good measure to resave your permalinks.

    PS. I think the main issue came from theme-my-login as it was redirecting to /login.

  6. I was getting DoS pages when trying to publish in my WP site. I found advice that changing permissions in the function.php file to 600 could solve the issue, also to add to that file a script snippet . It was a WP help page. I was able to get to the publishing in a work-around way. Still have the DoS when I try to open the editor.

  7. My problem was that the hardisk was full. Trying to log into the wordpress administration panel was redirecting me to wp-login.php. I was able to log in again the moment I deleted some files.

  8. To remove the lines

    define('DOMAIN_CURRENT_SITE', 'www.sitename.de');
    
    define('SITE_ID_CURRENT_SITE', 1);
    define('BLOG_ID_CURRENT_SITE', 1);
    

    from wp-config.php should do the job.

    These lines are not necessary for a multi

  9. In the sites-enabled folder you will need to edit the configuration for your site and add the multisite redirection rules. For Ubuntu 14.04 you will be able to find the path under /etc/nginx/sites-available

    Add the following block in your server block and you should be able to avoid the infinite redirection loop.

    #Rewrite multisite '.../wp-.*' and '.../*.php'.
    if (!-e $request_filename) {
        rewrite /wp-admin$ $scheme://$host$uri/ permanent;
        rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
        rewrite ^/[_0-9a-zA-Z-]+(/.*.php)$ $1 last;
    }
    
  10. I had a similar issue in my case it was due to restoring a db script that was created with WP Migrate DB. The script had merge tags in like “## DEV URL ##” which i needed to fix before running the script on mysql and pointing the wp-config.php to the correct database.

  11. If you have nginx, then also check your index config. As for me I had an issue: I’ve set the following:

    server {
        server_name _;
        root /var/www/html;
        index /index.php;
    }
    

    So as you see I’ve set index.php with trailing slash, which means that all rewrite requests will go to the index.php in document_root. For WP it’s wrong, because wp-admin directory has its own index.php

  12. The above answers got me pretty close. In our particular case, someone at some point had added in some rules to the htaccess file in the site root and in the admin folder to block traffic from everywhere except some whitelisted IPs (when attempting to access wp-admin).

    Example:

    <Files wp-login.php>
       order deny,allow
       Deny from all
    
       # Allow from this IP address
      allow from 123.45.67.89
    </Files>
    

    Adding our IP to the whitelist in both files remedied the problem.

  13. I faced same problem after I restore backup from other server , it was promising issue I solve it this way .

      chown -R www-data:www-data          /var/www
      chmod -R g+rwx                     /var/www
    

    Where /var/www the place to store website files , replace it with suitable path according to your configuration , e.g /usr/share/nginx/www << default Nginx