Redirect rules awp-admin

Using CF Redirect Rule to point to third level domain.

So CF => https://www.ThirdLevelDomainDOTSecondLevelDomainDOTcom/wp-admin/

But when I enter the above URL

I am not getting the normal wp-admin UN and PWD prompt to get into Wordpress site and edit it.

I have tried Normalize to URL origin and set WAF Security Custom Rules to presumably allow that specific URL and issue a CAPTCHA managed challenge, but that does seem to produce UN & PWD prompt window. I do not have access to Managed Rules (not a PRO account)

Thank you!

What are you getting instead?

error:

ERR_TOO_MANY_REDIRECTS

As may be helpful to CF community …I think many WordPress sites are following this How-To

[https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress...]

but in “my” case …even after temp. removing Login and Admin blocks --still getting error:

ERR_TOO_MANY_REDIRECTS

… and not the desired UN & PW prompts

Everything setup correctly on Host according to Host support – they are saying something on CF side.

Thanks for engaging … hope also helps others.

p.s. I am not seeing a clean way to correct typo in CF Subject should read “Redirect rules: WP-Admin”

My first thought is that you’d run into this:

But it doesn’t look like that’s the error you’re getting.

If it’s proxied, and stuck in a redirect loop, please post the URL that’s not working, and we can take a look at what type of loop it is.

1 Like

Thanks @cbrandt @sdayman … let me poke around some more.

2 Likes

This site might help point you in the right direction:

I will check that out. Thanks @sdayman!

Also might temporarily pause [my Cloudflare] and see if by going direct from Domain registrar to Host … I might be able to reaccess my ability to work on Word Press via

thirdleveldomain.secondleveldomain.com/wp-admin

1 Like

Is usually caused by having your Cloudflare SSL setting set to flexible. Can you confirm you have set it to Full (strict)?

Really appreciate CF community attempting to help solve this puzzle.

  1. @sdayman I did do your Redirect Checker … an for some reason there seemed to a constant (over 19 redirects) … starts with like two '301 errors" and then 17 “302 errors”

thirdleveldomain.secondleveldomain.com/wp-admin

Although the redirect tool result state specifically … I wonder if something with WordPress software installation at host that makes it auto bounce from /wp-admin.php to wp-login.php and back

  • Actually you use 19 Redirects. Ideally you should not use more than 3 Redirects in a redirect chain. More than 3 redirections will produce unnecessary load on your server and reduces speed, which ends up in bad user experience.
  • You use 301 and 302 redirect at the same time. This might be confusing for search engine. Generally, please do not use 301 and 302 redirects at the same time.
  • You use a 302 redirect. This means, that the actually content is temporary not reachable and will come back soon. To use a 302 redirection for generally moved pages is a bad idea.
  1. I did test taking CF completely out of the network chain ie. Domain Registrar > to Host … and that did resolve ie. I was provided Word Press UN and PW prompts.

  2. I have reengaged CF ie.: Domain Registrar > CF > to Host and @Laudian will try to toggle to full (strict) next …

THX!

Alright @Laudian posited workaround seems to addressing:

Is usually caused by having your Cloudflare SSL setting set to flexible . Can you confirm you have set it to Full (strict) ?

Hopefully when I start layering in CF magic via

https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress

… things will not break again.

So for all those folks using Word Press and wanting to get your feet wet invoking a tastier of CF magic … if you have trouble accessing your WP-admin or login prompts …

  1. allowlist on Cloudflare Firewall rules the IP or IPs you use (https://www.whatismyip.com/) or CF likely has same tool …to access and work on your Word Press site

  2. Change the default CF SSL setting from Flexible to Full (Strict) … it is possible that just “Full” may work for you too.

  3. Start learning about CF magic…start experimenting with different network protections CF provides …

https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress

for you old CloudFlares heads of which I am one… do try to work through the new updated CF platform … it is pretty impressive and I am very grateful that CF still provide small volunteer nonprofit and small frys of all flavors a FREE level … although it is smart to do not all ORGs do anymore. I would not have gone as deep with new CF if they had not.

While “your mileage will likely vary” … I am going to assume that I can safely layer in these additional CF protections
https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress and there will be no additional Blockers. THX ALL!

… Hold on the CF … Redirect Rule … that auto redirects Users who type in the second level domain to be automatically redirected to third level domain (where the Word Press site is) ie. what we want in this USE CASE … no longer seems to be working. OK, still on this…

Update: It looks like solution that I posted above

is in fact still a solution. ie. both CF Redirect Rule is working as one would expect and able to add the additional protections shared in the TurboFuture article without breaking.

One helpful note: Although propagation of these CF Rules seem almost instantaneous nowadays (wowza) … I would still give it 15min and clear cache browser before testing. And, on that later point, please not just closing an incognito window and doing … CMD+SHIFT+N to quickly boot up another Chrome, Edge Incognito window to test or closing prior Incognito browsers Windows DOES NOT truly clear cookies/other … I found I actually had to follow the steps to Clear Cache that one normally does in regular browser Window in the Incognito Browser Window in order to truly clear/flush Browser “memory” and effect a clean/er CF Rules Test.

So if don’t hear back from me the above appears to be a DURABLE address. THX CF community and hope helpful for the community going forward. If any CF admin … wishes to update the subject heading for this thread to. “Redirect Rules. WP-Admin” or whatever CF admin team deems most helpful pls do. THX!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.