Too many redirects on my wordpress site

I changed the DNS settings from Siteground to Cloudflare a couple of weeks ago and it was working without any issues. However, now I can’t access the site because of too many redirect loops.

I have checked this troubleshooting article and cannot find anything wrong. Encryption mode is set to FULL and the origin server has a valid SSL as well.

I noticed that when I turned the development mode on, it started to work again.

Any suggestions would be greatly appreciated. Thanks

Switch to Full (Strict).

It was Full (strict) before. I changed it to Full, thinking that it might have been causing the issue. But it did not make any difference.

Start by switching it back to Full (Strict).

If it doesn’t work within 5-10 minutes, try providing this additional information:

  1. What domain?

  2. What is “Always Use HTTPS” set to?

  3. What is “WordPress Address (URL)” and “Site Address (URL)” set to in your WordPress?
    HTTPS for WordPress – Documentation (highlighted in the first screenshot)

If any of “WordPress Address (URL)” and “Site Address (URL)” in #3 doesn’t start with “https://”, but just e.g. “http://”, then replace that “http://” to become “https://”.

Any help on this, please.
Any steps to troubleshoot or identify the cause ?


In 99% of cases, redirect loops are caused because you set the SSL mode to flexible.

If you also have a rule that modifies caching behaviour to cache redirects, that would do the trick. Even though you changed the SSL mode back, the redirect would remain.

I wouldn’t expect the redirect loop to reappear if you remain on Full (strict).


I have the SSL mode set to Full (Strict) no caching rules as well.
It’s odd that I see this issue from time to time.

Any steps to follow to troubleshoot would be greatly appreciated.

Do you have anything in Page Rules and/or Redirect Rules, and if so, what exactly?

As it seems like you would like to run your site through the secure HTTPS, here’s what I would try:

  1. Switch Always use HTTPS to ON (and let Cloudflare handle the HTTP → HTTPS redirect).

  2. Make sure that you keep Full (Strict).

  3. Wait 5 minutes after you’ve ensured that the two above are set, then run “Purge Everything” for your domain.

  4. Your WordPress seems currently to redirect insecure requests (via Cloudflare), with a Cache-Control header asking browsers to cache it for 4 hours. After doing all of the above, wait minimum 4 hours, and see if the problem (ever) occur in any browsers again.


Thanks for this.
I do not have any redirect rules. There’s one page rule to bypass cache, only for admin area (/wp-admin*)
I will try these steps and see how it goes. Thanks again.

I’m just not getting a redirect loop for that site, nor is

Thanks for checking!
It’s not happening right now. It happened a couple of times last week. Purging the Cloudflare cache seems to fix the issue every time.
I’ve applied the steps given by @DarkDeviL and see if it happens again.

1 Like

Could your redirect loop issue be related to Siteground’s firewall, as described in this other community thread?

1 Like

This could probably be it!
I’m not aware of any firewall settings that I can customize. But I will contact Siteground support to see whether this can be done from their end.

Thanks so much.

1 Like

Next time it happens try opening the page with Dev Tools open (F12) > Network tab, use Network Conditions to throttle the speed to slow 3G, then stop the page between redirects. If it is caused by the firewall, you should see a 200 HTTP response with the meta refresh as its content. That will give you certainty as to whether or not this is the issue.

You are a legend! @cbrandt
I will keep this in mind if it happens again. However, Siteground disabled the anti-bot for my site to see if it’s causing the issue. I will keep this thread updated.

1 Like

According to SG support, their AntiBot system does not work well with Cloudflare caching at the moment. They said Cloudflare is overzealously caching some pages, and it’s breaking the functionality of the AntiBot system. Either way, they don’t go well, causing redirect loops.
I hope this will resolve the issue.

Thanks to all for your input.

1 Like

Cloudflare doesn’t cache pages by default. If a site is using APO, this would definitely be a problem, because APO isn’t expecting the origin to provide different content for the same URL.

I’m curious if Siteground has any advice on how to identify when their AntiBot page is served. Any special headers?

1 Like

The site is using APO.
I’m not sure about how their AnitBot system is working.

However, they said there’s no fix other than disabling the AntiBot, for the moment.
I believe Cloudflare offers similar protection with Bot Fight Mode ?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.