WordPress does not work with HTTPS

alexfg04 · November 29, 2019, 1:41pm

Hi, I have a problem with the site. I installed WordPress in the root directory, but the login page does not work and neither does the wp-admin page; I have an SSL certificate with Cloudflare and this is the error: HTTP ERROR 508 and ERR_TOO_MANY_REDIRECTS.
Cloudflare I configured it manually without activating it from the panel. It is currently set to “Flexible”, how can I solve the problem? I read in the forum that setting it to full works but instead I have a problem 525.

Ergastolator1 · November 29, 2019, 1:43pm

Try to set the SSL option to “Flexible” on Cloudflare and configure WordPress to use HTTP URLs with this guide:

Go to your Control Panel, then click on “MySQL Databases”.
Click on “Admin” near the database you want to manage.
Locate the wp_options table (or whatever it is called, depending on your WordPress installation configuration) and click on it.
Change the values of siteurl and home to the HTTP version of the domain (for example, https://yourdomain will become http://yourdomain) and execute the query.

alexfg04 · November 29, 2019, 5:09pm

But is it not possible to use WordPress with HTTPS?

Ergastolator1 · November 29, 2019, 5:19pm

You can use it with HTTPS URLs as long as you have a SSL certificate installed on your domain and the SSL option set to “Full” on Cloudflare. To get an SSL certificate, try to generate a private key and a CSR from your Control Panel, then use the relative option on the Client Area to request an SSL certificate inserting your domain name first, completing the DNS verification steps, making sure to click on the orange clouds near the two verification CNAME records to disable Cloudflare proxy for them, then waiting a while, refreshing the DNS status, requesting a SSL certificate, and inserting the new private key on its own field, overwriting the old one, clicking on “Upload Key” and inputting the certificate on its own field and clicking on “Upload Certificate”, then waiting a while until the SSL certificate is installed.

alexfg04 · November 29, 2019, 8:35pm

are the self-signed certificates safe?

alexfg04 · November 29, 2019, 9:12pm

But technically, should Cloudflare’s “full” option also offer protection to the source server? Right? But I read on the Internet that the self-signed certificate can also be issued by a hacker!

Niekon · November 30, 2019, 5:24am

You get “Too many redirects” because you must have “Automatic forward to HTTPS” on in Cloudflare, but your Wordpress actually works on HTTP. Both are redirecting to each other, and the website crashes.

Remove the Cloudflare certificate. Your website will be up after sometime. Then download “Cloudflare Flexible SSL plugin”. Activate it and then turn on SSL from Cloudflare. Things will be fine after that.

Link to plugin:

alexfg04 · November 30, 2019, 12:12pm

And if I wanted to set the certificate to Full on Cloudflare would it work without that plugin? And then I did not understand the steps to do that wrote @Ergastolator1

Ergastolator1 · November 30, 2019, 12:23pm

Yes, it would; just make sure your WordPress URL is set to HTTPS on your database’s phpMyAdmin.

To get an SSL certificate, since the self-signed one was removed from the system a long time ago because iFastNet is making some changes to the SSL system, try to generate a private key and a CSR from your Control Panel, then use the relative option on the Client Area to request an SSL certificate inserting your domain name first, completing the DNS verification steps, making sure to click on the orange clouds near the two verification CNAME records to disable Cloudflare proxy for them, then waiting a while, refreshing the DNS status, requesting a SSL certificate, and inserting the new private key on its own field, overwriting the old one, clicking on “Upload Key” and inputting the certificate on its own field and clicking on “Upload Certificate”, then waiting a while until the SSL certificate is installed. After the SSL certificate installation is done, you can now set the SSL option to “Full” on Cloudflare, and then change the website URL from HTTP to HTTPS if it was set to HTTP by following the inverse of the guide of changing the website URL from HTTPS to HTTP, posted below:

Go to your Control Panel, then click on “MySQL Databases”.
Click on “Admin” near the database you want to manage.
Locate the wp_options table (or whatever it is called, depending on your WordPress installation configuration) and click on it.
Change the values of siteurl and home to the HTTPS version of the domain (for example, http://yourdomain will become https://yourdomain ) and execute the query.

Oxy · November 30, 2019, 2:49pm

A post was split to a new topic: Bengalicliparts.site

Admin · November 30, 2019, 3:02pm

If you use the SSL certificate generated in the control panel, your hosting account will actually get a full, valid SSL certificate. That means you should be able switch Cloudflare to “Full (strict)” mode, which prevents the use of self signed certificates.

alexfg04 · November 30, 2019, 5:37pm

Thanks a lot of guys I solved, even to you Admin who answered me. Doesn’t it matter if you find the CSR inserted? I generated it by mistake with the Cpanel.

Admin · December 1, 2019, 8:11pm

The CSR shown in the panel is just there from the last private key that was generated through the control panel. You cannot delete it, but it also won’t affect your website or account.

system · December 31, 2019, 8:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.