Redirect to Original WordPress Page Fails After Passing Cloudflare Protection Page

Hello,

I’m experiencing an issue with my WordPress site in conjunction with Cloudflare and hope to find some assistance here. When attempting to log into the WordPress admin area, I’m initially redirected to the login page with a URL structure that looks like this:

perlCopy code

https://mydomain.tld/wp-login.php?redirect_to=https%3A%2F%2Fmydomain.tld%2Fwp-admin%2Fpost.php%3Fpost%3D12345%26action%3Dedit&reauth=1

After logging in, I’m supposed to be redirected directly to the editing page of the specific post (in this case, post.php?post=12345). However, I first encounter a Cloudflare protection page (I presume it’s a CAPTCHA or some form of security challenge page). After successfully navigating past this protection page, I don’t end up on the originally intended edit page but on the general WordPress dashboard page (wp-admin/), and the specific post editing URL is lost.

I’ve tried checking the settings in Cloudflare to pinpoint potential causes for this behavior but to no avail. It seems as though the original destination URL gets lost somewhere between the protection page and the redirection after login.

Does anyone have any suggestions on how to resolve this issue so that after passing the Cloudflare protection page, the correct redirection to the originally requested WordPress page occurs?

Hi there!

A redirect to wp-admin/ probably means there’s a mismatch somewhere in the URL structure. I tested on my own WP site and it works fine there. The redirect should work from your WP site and not from CF.

Cloudflare Protection Page

Do you mean using WAF or Page Shield? Are the redirects working if you turn it off?

1 Like

Hello Edwin,

I don’t just have this problem with one domain.
My Cloudflare is only on Basic and has no special rules. Security is on Medium.

The behavior is the same for all my Wordpress instances:
→ Edit post
→ Save
→ Exit browser
→ Start browser with last session (long after session timeout)
→ Wordpress redirects to wp-admin/login.php?..
→ Login → Cloudflare check message
→ Homepage wp-admin/

Hi there.

Have you attempted switching your Security Level to Essentially Off if the redirects would work?

It may be useful to know if you have some kind of 301/302 redirects on your domain (mydomain.tld to www.mydomain.tld) or WP plugins affecting the redirect.

A trace request may be able to help you identify which rules were applied by accident.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.