Last updated December 6th, 2023 00:01
Are you trying to log in to the WordPress administration, but instead of the login screen, you keep getting the ERR_TOO_MANY_REDIRECTS error? This redirect loop issue usually has a straightforward explanation: HTTPS and SSL certificate. Let’s take a look at what to check first and how to fix ERR_TOO_MANY_REDIRECTS In WordPress administration. It can be much simpler than you think.
How To Fix ERR_TOO_MANY_REDIRECTS In WordPress administration
This error can have a very simple and mundane reason. And that reason is the absence of HTTPS support and an SSL certificate. WordPress uses SSL and HTTPS as a layer for secure communication between your computer and the target server. HTTPS encrypts the communication. All the data exchanged between your computer and the target server flows through the internet in an encrypted form. However, if the server lacks an SSL certificate and HTTPS support, WordPress gets stuck in a loop during administration.
You request it to display on the HTTP protocol, while it wants to enforce HTTPS along with the browser. As a result, both sides keep exchanging administration variants and protocols until the browser terminates everything with an error. It notifies about the loop and does not show the WordPress login screen.
How can you solve the problem?
There are two possible solutions. One is bad, and one is good. Let’s first look at the bad one. I must mention that I’m only presenting it because such a solution exists. However, it is completely inappropriate and could even be considered dangerous. You can disable the enforcement of SSL and HTTPS traffic for the administration. You can do this directly in the wp-config.php configuration file, which you can access via FTP.
Insert the following constant into it:
define( 'FORCE_SSL_LOGIN', false );
define( 'FORCE_SSL_ADMIN', false );
Save the wp-config.php file and try accessing the administration again. The problem arises when the browser continues to enforce HTTPS traffic. For example, Mozilla Firefox commonly exhibits this behavior and forcefully redirects almost all web traffic to HTTPS.
The solution, which is the only correct one, involves installing an SSL certificate on your web hosting and enabling encrypted communication between your browser and the server. This will ensure that the communication with the server is encrypted, and the WordPress administration won’t get caught in an unnecessary loop between HTTP and HTTPS traffic.
Why is it important for HTTPS traffic to be functional?
This behavior and enforcement of HTTPS traffic have a simple reason. The goal is to encourage all WordPress users to implement at least basic security measures for their websites. SSL encryption serves as a genuine and necessary foundation for security. It is essential to realize that without HTTPS, you are providing your data to the server in plain text format. This means that the password you enter when accessing the interface is transmitted to the server exactly as you typed it.
If there is any attacker between you and the server, they will obtain your password in the same way as if you had written it down and sent it via email. Conversely, if the same scenario happens over the HTTPS protocol, the attacker will only obtain the hash of the password. In other words, an encrypted string of characters that they cannot reverse-engineer back into the original password. And that is precisely the reason for the effort to encourage as many WordPress users and operators as possible to deploy HTTPS.
Benefits of Using HTTPS in WordPress
Using HTTPS (Hypertext Transfer Protocol Secure) in WordPress brings several advantages that improve the security, credibility, and performance of your website. Here are eight key benefits of using HTTPS in WordPress:
Data Security: HTTPS encrypts the communication between the web browser and the server, protecting sensitive data from eavesdropping and tampering by third parties. This includes information like passwords, payment details, and other sensitive personal data.
Trustworthiness and Integrity: Using HTTPS signals to visitors that your website is trustworthy and ensures data integrity. Displaying the green lock and warning alerts in the browser helps build user trust and reduces the risk of phishing attacks.
SEO Benefits: Major search engines, such as Google, prefer websites with HTTPS and prioritize them in search results. Using HTTPS can have a positive impact on your search rankings and improve the visibility of your website.
Compatibility with Modern Web Technologies: Some modern web features and APIs require the use of HTTPS. For example, the web standard HTTP/2, Service Worker API, or new browser extensions may require your page to be accessible only via HTTPS.
Protection against Attacks: HTTPS provides protection against various types of attacks, including “man-in-the-middle” attacks where an attacker intercepts and manipulates communication between a user and a server.
Cookie Sharing: As part of privacy compliance, it’s important for cookies to be transmitted over a secure connection. Using HTTPS ensures that cookies are encrypted and protected against unauthorized access.
HTTP/2 Support: HTTP/2 is a newer version of the HTTP protocol that offers faster and more efficient web page loading. To leverage all the benefits of HTTP/2, using HTTPS is necessary.
Enhanced User Experience: Using HTTPS contributes to improved website loading speed and overall performance.
How to Fix ERR_TOO_MANY_REDIRECTS in WordPress Administration
Conclusion
As mentioned earlier, the ERR_TOO_MANY_REDIRECTS error in the WordPress administration typically occurs due to SSL in the majority of cases. However, this doesn’t mean it’s the only reason for this problem. If the entire website, not just the administration interface, is experiencing the same redirect loop, you need to look for the cause elsewhere, such as improperly written website redirects in the .htaccess file. But if the rest of the website is functioning correctly on the HTTP protocol, the cause of the problem with the administration will be clear.
If you haven’t activated an SSL certificate, the green lock, and the HTTPS protocol on your website yet, it’s essential to contact your web hosting provider as soon as possible and install an SSL certificate together. The process is not complicated from the customer’s side, and it will help you avoid many issues, not only the redirect loop but also penalties in search engine rankings.
The website is created with care for the included information. I strive to provide high-quality and useful content that helps or inspires others. If you are satisfied with my work and would like to support me, you can do so through simple options.
Subscribe to the Newsletter
Stay informed! Join our newsletter subscription and be the first to receive the latest information directly to your email inbox. Follow updates, exclusive events, and inspiring content, all delivered straight to your email.
