Category Archives: Uncategorized

How to fix a WordPress HTTPS redirect loop with an NGINX reverse proxy

If your WordPress site is set up to use HTTPS and a reverse proxy, such as an NGINX reverse proxy, is put in front of it you may wind up with an infinite redirect loop.

Following the redirect in dev tools, it looks like this is happening:
https://example.com -> https://example.com

A head scratcher for sure, but understanding what is going on behind the scenes reveals the issue and the solution together.

Here is what is actually happening:

  • Request is made to https://example.com
  • The reverse proxy catches the request and makes it’s own request to http://example.com. Take special note that the schema changed to http.
  • The WordPress site sees a request for http://example.com and says, “Hey, that’s not right, I am at https://example.com” and tells the browser to go there
  • Repeat indefinitely

You could change the site to support http to the exclusion of https, however that is hacky and anything wanting https will still work itself into an infinite redirect.

An easier solution is to trick WordPress into thinking the request is https enabled.

WordPress looks at a server variable when determining the status of https. Open your wp-config.php file and add the following just after the <?php tag:

if ( $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) {
    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}

And now your site will work as originally anticipated.

Dastardly isn’t it 😉

IDRAC6 – Console Connection Failed

One of the most annoying things with IDRAC6 is the Java requirement for running a remote console.  with later update versions of Java 8 you may experience a problem where during the connection setup the connection fails with a message:

connecting to virtual console server.. connection failed

It appears that this inability to connect via Java console is rooted in SSLv3 as its disabled by Java.  The fix is

Go to Java installation folder.
Open {JRE_HOME}libsecurityjava.security -file in text editor.
Delete or comment out the following line “jdk.tls.disabledAlgorithms=SSLv3”.