Loadbalancer error (and test page has too many redirects)

Hi @fcolombo,

a redirect loop usually occurs when a redirect to https:// is active at the same time as a redirect to https://. The solution is to locate the redirect to https:// and remove it. On loadbalanced setups, a wp-config.php fix can be needed. The plugin should add this automatically. Could you check if your wp-config.php contains the following line: //Begin Really Simple SSL Load balancing fix? Also see https://really-simple-ssl.com/knowledge-base/my-website-is-in-a-redirect-loop/

Hello @markwolters ,

Thank you for your reply.

There’s nothing added by RSSSL in my wp-config.

I’m confused – the KB link you posted refers to multisite installations and domain mapping, which is not my case. Should I still be adding that snippet to wp-config?

Hi @fcolombo,

the article indeed mentions multisite, however this fix also applies to non multisite installations and should be automatically. Therefore you could try to insert it in your wp-config.php. If you do experience an issue after, you can remove the lines from your wp-config.php file.

Thanks for clarifying @markwolters .

I’ve added this at the bottom of wp-config.php:

//Begin Really Simple SSL Load balancing fix
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https", "HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_FORWARDED_SSL"=>"1");
foreach( $server_opts as $option => $value ) {
  if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {
    $_SERVER[ "HTTPS" ] = "on";
  }
}
//END Really Simple SSL

Then I switched on the .htacccess 301 redirect from the RSSSL Plugin config page, and I still get the message that the rule test was unsuccessful.

Debug still shows /wp-content/plugins/really-simple-ssl/testssl/loadbalancer/ssl-test-page.html as having too many redirects.

Is there anything else you’d recommend I try?

Thanks for your time so far Mark.

@fcolombo, there’s something causing the .htaccess test to fail, if the loadbalancer fix is not working correctly it could be there’s a different redirect causing the issue. If the main site is working correclty on https:// it could be there’s an .htaccess file in the /plugins directory with a redirect rule which redirects to https://. Could you check if that is the case?

@markwolters thank you.
I can confirm the main site is working correctly on https://, and also that there’s no .htaccess file in the /plugins directory.
I’m really sorry for the back and forth. Could you think of anything else that might be causing the issue?

@fcolombo if there’s no .htaccess file causing a redirect loop on the .htaccess redirect test page, it could be a server configuration or different plugin is preventing the .htaccess redirect test from working correctly. You could try to temporarily disable other plugins or ask your hosting provider if they can check why there’s a redirect loop on the .htaccess test. In any case, the WordPress 301 redirect will redirect your site to https:// just fine for now.

Thank you @markwolters

I will go through again the .htaccess file, the various subfolders, etc.

And will follow up with the hosting provider, too.

Should I be enabling the “force HTTPS” option in cPanel by the way? At the moment it’s OFF.

@fcolombo you could try to enable that option to see if it fixes the issue.

Quick update @markwolters

Switching the “force HTTPS” option via cPanel doesn’t work – it throws an error.

Digging around, I found a backup of an old version of .htaccess, which starts with this line from an old version of your plugin:

# BEGIN rlrssslReallySimpleSSL rsssl_version[3.0.5]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Considering that the .htaccess redirect used to work, should I try with this snippet instead?
What do those conditions mean?

@fcolombo strange that the .htaccess redirect did seem to work previously. This indicates something has changed on your server that causes the .htaccess redirect to fail. You could try to insert this snippet to see if it works. The conditions mean that if a request to the site is not made via https:// (thus via https://), and the URL is not one of URL’s listed below, the site should redirect to https://. The .well-known URL’s are used by Let’s Encrypt and should be available over https:///, therefore they are excluded from the redirect.

Mark

Hi @markwolters ,

Just checking in because I think I’m getting confused and I don’t know if there’s an actual issue, and if the issue is with my hosting provider, or with the plugin, or with both.

I have troubleshot a little further, and here are the results:

• Activating the “Force HTTPS” from cPanel works, but the RSSSL plugin shows the notification that no 301 redirects have been set-up, so I’m not sure if it’s a tight solution. The loadbalancer test page still does not load.
• I’ve tested in .htaccess the snippet I posted in my previous post (Code1, see below), and it seems to work; but the plugin still throws the error about no 301 .htaccess enabled, and the loadbalancer test page still says that there are “too many redirects”.
• The hosting company has got back to me with a generic helpdesk https redirect reply, and suggested I try with Code2 (will post below). The end result was the same as with Code1: it seems to work, but the plugin doesn’t “recognise” it, and the loadbalancer test page still fails.
• I’ve deactivated all plugins and tried with an empty .htaccess, but the default snippet that RSSSL attempts to add fails the test

So I don’t really know what else to do apart from giving up and staying with the WordPress 301 redirection.

Is there anything I can provide for you to see if this is a compatibility issue with my server configuration and the plugin?

Thanks in advance

—

Code1

# BEGIN rlrssslReallySimpleSSL rsssl_version[3.0.5]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

—

Code2

RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Hi @fcolombo,

Really Simple SSL tries to verify if the .htaccess redirect is in place, and if not, shows you a message.

In this case, even though you have the redirect in place, it shows the notice. Possibly there is a slight difference between the lines the plugin searches for and your lines.

Your code looks fine, and if you have no issues with it I would just recommend to dismiss the .htaccess notice from Really Simple SSL. You have the redirect, so the notice can be dismissed.

Let me know if you have any questions!