How to solve ERR_INVALID_REDIRECT for an HTTPS WordPress website on Apache behind Nginx and varnish?

My website home page returns “ERR_INVALID_REDIRECT”. All the other pages of the website are fine. It just returns this issue for the Homepage (meaning: https://www.mywebsiteurl.com/).

The reason is that WordPress decides to redirect to “https:///” (cf. screenshot below: X-redirect-by: WordPress)

enter image description here

I have already:

  • Cleared my browser cache
  • Restarted Nginx, Varnish and Apache
  • Deactivated the plugins from wordpress
  • in my wp-config.php file the WP_HOME and WP_SITEURL are set properly.

I did just upgraded to WordPress: 5.6.1 and also updated my Theme yesterday. There was no problem before the upgrade. So the problem is certainly coming from one of these actions.

My question is, What else should I check? What are the next actions that I could take the figure out where the problem comes from? Any advanced debugging I could do somehow?

Thanks a lot.

UPDATE #1

Mywebsite.conf

<VirtualHost *:8080>
   ServerName www.mywebsite.com
   DocumentRoot /var/www/wordpress/

   LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{User-agent}i"" varnishcombined
   ErrorLog /var/log/apache2/wordpress/mywebsite-error.log
   CustomLog /var/log/apache2/wordpress/mywebsite-access.log varnishcombined

</VirtualHost>

wordpress.conf

<Directory /var/www/wordpress/>
     Options Indexes FollowSymLinks
     AllowOverride All
     Require all granted
</Directory>
<VirtualHost *:80>
     ServerName 139.162.xx.xx #I masked the IP here
     #Redirect permanent / http://www.mywebsite.com/
     ServerAdmin [email protected]
     DocumentRoot /var/www/wordpress/
     ErrorLog /var/log/apache2/wordpress/error.log
     CustomLog /var/log/apache2/wordpress/access.log combined
     <files xmlrpc.php>
       order allow,deny
       deny from all 
     </files>
</VirtualHost>

The last virtual host from wordpress.com should not be taken in to account because Apache just listens on port 8080. Nginx, my front webserver listens on port 80 and 443.

UPDATE #2

mywebsite.conf (Nginx conf)

server {
  listen 443;
  server_name www.mywebsite.com;
  port_in_redirect off;

  ssl on;
  ssl_certificate /etc/ssl/private/mywebsite.com.chained.crt;
  ssl_certificate_key /etc/ssl/private/mywebsite_com_key.txt;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!dSS;
  ssl_prefer_server_ciphers   on;

  ssl_session_cache   shared:SSL:20m;
  ssl_session_timeout 60m;

  add_header Strict-Transport-Security "max-age=31536000";
  add_header X-Content-Type-Options nosniff;

  location / {

     proxy_pass            http://127.0.0.1:6081;
     proxy_read_timeout    90;
     proxy_redirect        off;


     proxy_set_header      X-Real-IP $remote_addr;
     proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header      X-Forwarded-Proto https;
     proxy_set_header      X-Forwarded-Port 443;
     proxy_set_header      Host $host;
     proxy_set_header      X-Forwarded-Host $http_host;
     proxy_set_header      HTTPS "on";
   }
}

server {
   listen 443 ssl;
   server_name mywebsite.com;

   return 301 https://www.mywebsite.com$request_uri;
}

server {
   listen 80 default_server;
   server_name _;
   return 301 https://$host$request_uri;
}

UPDATE #3

 #curl -v -H 'Host: www.mywebsite.com' http://127.0.0.1:8080/
 * Expire in 0 ms for 6 (transfer 0x56356f708f50)
 *   Trying 127.0.0.1...
 * TCP_NODELAY set
 * Expire in 200 ms for 4 (transfer 0x56356f708f50)
 * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
 > GET / HTTP/1.1
 > Host: www.mywebsite.com
 > User-Agent: curl/7.64.0
 > Accept: */*
 > 
 < HTTP/1.1 301 Moved Permanently
 < Date: Wed, 24 Feb 2021 14:32:06 GMT
 < Server: Apache/2.4.38 (Debian)
 < X-Redirect-By: WordPress
 < Location: https://www.mywebsite.com/
 < Content-Length: 0
 < Content-Type: text/html; charset=UTF-8
 < 
 * Connection #0 to host 127.0.0.1 left intact

Answer

Got it. I had a typo error in my wp-config.php (it was HTTP_X_FORWRDED_HOST instead of HTTP_X_FORWARDED_HOST)…

 /**
  * * Handle SSL reverse proxy
  * */
  if ($_SERVER[HTTP_X_FORWARDED_PROTO] == https)
       $_SERVER[HTTPS]=on;

  if (isset($_SERVER[HTTP_X_FORWARDED_HOST])) {
       $_SERVER[HTTP_HOST] = $_SERVER[HTTP_X_FORWARDED_HOST];
  }

Leave a Reply

Your email address will not be published. Required fields are marked *