Redirect loop with CloudFlare and OpenShift and a WordPress application

Question

I created my WordPress application on OpenShift, and it responds to the URL blog-porta8080.rhcloud.com.

I created 2 aliases on OpenShift

I bought my domain (porta8080.com.br) from a brazilian registrar that don't allow me to add CNAME records without a subdomain like www.

So I created an account on CloudFlare, registred my domain and moved my domain to the CloudFlare DNS servers.

Then I added 2 CNAME records to CloudFlare

I even installed the CloudFlare plugin they say would help me

https://wordpress.org/plugins/cloudflare/

But when I go to http://porta8080.com.br it fails to load the page due to a redirect loop error. I tested on chrome and on Firefox and both throws the same error. Chrome says "ERR_TOO_MANY_REDIRECTS" and inspecting the requests, it gives me several "301 error: Moved Permanently"

The wp-admin page doesn't give me an error. The only thing I can think about is its own .htaccess file.

This is my .htaccess (the one in Openshift is probably without the blog/ parts, I just changed the permalink in both and that's the resulting .htaccess on my machine)

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>

# END WordPress

Got any ideas?

@Edit

There is a problem on my .htaccess for sure. I commented it and put a message on index file and it gets there both by www and without it.

Would you guess why?

Answer 1

This is an interesting issue when you use CloudFlare's Flexible SSL option alongside WordPress. WordPress, in it's core, has an is_ssl function that doesn't account for reverse proxies. Therefore when you redirect to SSL you can get a redirect loop if using Flexible SSL.

The easiest way to fix this is to install Mod_cloudflare on Apache.

Instead, you can add the if statement to your wp-config.php file to resolve this issue:

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
    $_SERVER['HTTPS'] = 'on';
}

If you use this method instead of installing Mod_cloudflare ensure that you use the "X-Forwarded-Proto" header instead of SSL for any redirects.