Enabling HTTPS Redirect Causes Infinite Loop

I added a new domain in Hestia CP and enabled Let’s Encrypt SSL cert. I made no other changes and both HTTP & HTTPS works.

Then, I enable HTTPS redirect and both HTTP & HTTPS causes infinite loops. I disable the redirection and everything starts working again.

I’m currently on Hestia v1.4.10 and the only difference that I noticed between this domain and the others seems to be that the SSL cert is kept in the same directory as the conf files (e.g. nginx.conf). The other domain HTTPS redirection works without issues.

Can anyone suggest why a simple HTTPS redirection could be causing infinite loops?

Once again, the culprit was Cloudflare.

Cloudflare defaulted to Flexible SSL connection, which doesn’t encrypt between Cloudflare servers and my webserver.

Since my webserver redirects to SSL, there’s an infinite loop.

The solution was to change the SSL connection to Full (or Full (strict) if you’re using Let’s Encrypt) and that resolved the issue.

Please checkout the best practice for cloudflare: SSL Certificates and Let's Encrypt — Hestia Control Panel documentation

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.