Cloudflare, WordPress, and Redirect Loops

If you are using Cloudflare, and upon activating Cloudflare, start seeing redirect loops on your site, especially on pages such as wp-login.php and /wp-admin, you may have to adjust your SSL settings in Cloudflare to “Full” instead of Flexible or None.

Choosing “Full” ensures Cloudflare fetches your site from the origin via HTTPS, not HTTP.

Certain applications, such as /wp-admin in WordPress, may force SSL and redirect non-HTTPS requests to HTTP automatically. However, if Cloudflare is used and pull your site using HTTP, when it is actually serving HTTPS connections, end users may be caught in an endless loop of redirects. To resolve this, simply ensure Cloudflare always uses HTTPS:

Setting this option to “Strict” is not recommended.