/wp-admin Infinite redirect loop SSL

I’ve recently migrated my site to SSL, so http to https.

The frontend of the site works fine - https://www.rowanburgess.co.uk/

But I’m getting an infinite redirect loop on the admin URL https://www.rowanburgess.co.uk/wp-admin/

I’ve read something about forcing https for admin using define(‘FORCE_SSL_ADMIN’, true);, but that needs to be set in the wp-config.php file, which doesn’t seem to be active in my EasyEngine install, so I can’t try that.

Here’s some info:

**curl -I rowanburgess.co.uk**
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 10 May 2017 12:40:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location: https://www.rowanburgess.co.uk/
X-Powered-By: EasyEngine 3.7.4

**curl -I rowanburgess.co.uk/wp-admin/**
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 10 May 2017 12:40:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://www.rowanburgess.co.uk/wp-admin/
X-Powered-By: EasyEngine 3.7.4

**curl -I rowanburgess.co.uk/wp-login.php**
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 10 May 2017 12:41:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location: https://rowanburgess.co.uk/wp-login.php
X-Powered-By: EasyEngine 3.7.4

**curl -I rowanburgess.co.uk/wp-login.php**
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 10 May 2017 12:41:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location: https://rowanburgess.co.uk/wp-login.php
X-Powered-By: EasyEngine 3.7.4

**root@rowanburgesscouk:/etc/nginx/sites-enabled# lsb_release -d**
Description:    Debian GNU/Linux 8.8 (jessie)
root@rowanburgesscouk:/etc/nginx/sites-enabled# cat /etc/nginx/common/wpcommon.conf
# WordPress COMMON SETTINGS
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
# Limit access to avoid brute force attack
location = /wp-login.php {
  limit_req zone=one burst=1 nodelay;
  include fastcgi_params;
  fastcgi_pass php;
}
# Disable wp-config.txt
location = /wp-config.txt {
  deny all;
  access_log off;
  log_not_found off;
}
# Disallow php in upload folder
location /wp-content/uploads/ {
  location ~ \.php$ {
    #Prevent Direct Access Of PHP Files From Web Browsers
    deny all;
  }
}
# Yoast sitemap
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
  rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
  rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
  # Rules for yoast sitemap with wp|wpsubdir|wpsubdomain
  rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
  rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
  # Following lines are options. Needed for WordPress seo addons
  rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
  rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
  rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
  rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
  access_log off;
}

ee site show rowanburgess.co.uk
Display NGINX configuration for rowanburgess.co.uk
server {
    server_name rowanburgess.co.uk   www.rowanburgess.co.uk;
    access_log /var/log/nginx/rowanburgess.co.uk.access.log rt_cache_redis;
    error_log /var/log/nginx/rowanburgess.co.uk.error.log;
    root /var/www/rowanburgess.co.uk/htdocs;
    index index.php index.html index.htm;
    include  common/redis.conf;
    include common/wpcommon.conf;
    include common/locations.conf;
    include /var/www/rowanburgess.co.uk/conf/nginx/*.conf;
}

Please help!

Here’s my config file:

server {
        listen 80 default_server;
        listen [::]:80 default_server;
        #listen 80;
        server_name rowanburgess.co.uk;
        #rewrite ^/(.*) https://www.rowanburgess.co.uk/$1 permanent;
        #return 301 https://www.rowanburgess.co.uk$request_uri;

        # SSL configuration
        #
        listen 443 ssl;
        # listen [::]:443 ssl default_server;
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        # include snippets/snakeoil.conf;
        #
        # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
        # ssl_ciphers HIGH:!aNULL:!MD5;
        # ssl_prefer_server_ciphers on;

        #root /var/www/html;
        root /var/www/rowanburgess.co.uk/htdocs;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html index.php;

        #server_name rowanburgess.co.uk;
        ssl_certificate /root/rowanburgess.co.uk.chained.crt;
        ssl_certificate_key /root/rowanburgess.co.uk.key;
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri  /index.php?q=$uri&$args;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
        include snippets/fastcgi-php.conf;

        # With php5-cgi alone:
                fastcgi_pass 127.0.0.1:9000;
        #       # With php5-fpm:
        #fastcgi_pass unix:/var/run/php5-fpm.sock;
}

The redirect is commented out as it causes a redirect loop on the frontend

I’ve also tried disabling all plugins, but no luck

I have been following this tutorial:

The wp-config will be one folder up from where you would normally expect it to be.

nginx recommend forcing SSL like this:-

server {
    listen 80;
    server_name www.domain.com;
    return 301 https://www.domain.com$request_uri;
}

i.e. you can have more than one server block - so your port 80 block just does the redirect, then your port 443 block does everything else.

[EDIT: ee has built in handling for LetsEncrypt certificates (the free ones) so can do all this for you including the redirect - not sure if you were aware]

Hope that helps

Marty, legend!

Thank you, adding the below worked for me:

location / {
    try_files $uri $uri/ /index.php?$args;
}

There is no need to mess with configuration files.

ee site update domain.com --le

That’s it. EE will take care of details.