Domain Mapping - Force SSL breaks the admin

When the "Would you like to force https in login and admin pages" option is set to "Yes", it creates a "Too many redirects" error and prevents access to the admin. This occurs whether SSL is enabled in CloudFlare or not.

  • Ash

    Hello Dustin Sartoris

    It can happen because of any plugin conflict. Would you please run a conflict test? Please deactivate all plugins except domain mapping. Besides, enable a default WP theme. Now enable force SSL and check the issue is back. If not, then enable all plugins one by one and check enabling which one is breaking.

    Also, would you please post your full htaccess code here?

    Have a nice day!

    Cheers,
    Ash

  • Dustin Sartoris

    The only plugins I had enabled were WPMUDEV plugins:
    Cloner
    Defender Pro
    Domain Mapping
    Hummingbird Pro
    Multi-Domains for Multisite
    SmartCrawl
    Snapshot Pro
    Ultimate Branding
    WP Smush Pro
    WPMU Dev Dashboard

    Twenty Seventeen is my current theme.

    My HTACCESS contained only this when it broke:
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]

    # add a trailing slash to /wp-admin
    RewriteRule ^wp-admin$ wp-admin/ [R=301,L]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
    RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
    RewriteRule ^(.*\.php)$ $1 [L]
    RewriteRule . index.php [L]

    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

    However, I added this (from my other Really Simple SSL addon on my Technoagents.io site) when it broke, and it still didn't work:

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.26]
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </IfModule>
    # END rlrssslReallySimpleSSL

    # BEGIN Really_Simple_SSL_UPGRADE_INSECURE_REQUESTS
    <IfModule mod_headers.c>
    Header always set Content-Security-Policy "upgrade-insecure-requests;"
    </IfModule>
    # END Really_Simple_SSL_UPGRADE_INSECURE_REQUESTS
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

  • wp.network

    Dustin Sartoris hey, your htaccess redirects meant to force https should likely go above the WordPress stuff... You'll need to enable the rewrite engine... ok, so, don't hurt yourself with this, but here is what is in place at my own production networks:

    RewriteEngine On
    RewriteBase /
    ## BEGIN HTTPS Catch-All
    <IfModule rewrite_module>
    # Only uncomment this bit if its needed, eg CloudFlare
    #RewriteCond %{HTTP:X-Forwarded-Proto} https [NC]
    #RewriteRule ^ - [S=1]
    RewriteCond %{SERVER_PORT} 80
    RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    </IfModule>
    ## END HTTPS Catch-All

    I find that having a hammer like this around can be very handy, however it can also mask bad behaviors so... yeah, ymmv.

    Cheers, Max