SOLVED HTTP/HTTPS redirect problem with Apache

xenoware

Member
Sep 25, 2016
6
1
3
Belgium
cPanel Access Level
Root Administrator
Hi,

I'm currently trying to get my Magento site up and running, but I keep running into a redirect problem. A couple of threads on the Magento forum later, I'm trying to find a solution.

I've tried every possible configuration of Magento and at this point I'm not even sure it's related to Magento. Others have suggested it might be the webserver, but I haven't found the problem so far and the Magento forum is fairly quiet.

It seems like my webserver is mixing unsecure and secure requests.
- Removed -

I'm running a fairly standard and unmodified cPanel setup with a LetsEncrypt auto-SSL config. My Wordpress sites don't experience this behaviour.

Any suggestions on where I should start poking cpanel settings to resolve this? (Or is it certain this is not cPanel/Apache related?)

Thanks!
 
Last edited by a moderator:

Dave Smith

Active Member
Mar 20, 2016
44
12
8
Lisbon
cPanel Access Level
Root Administrator
Hi,
I've never used Magento but it sounds like the Base URL is incorrect (Wordpress also experiences the same issue now and again).

You could try changing this to reflect https:// if it is not already set to do so...?

A quick search revealed the following that may be helpful to you:

How to change Magento base URLs

Hope you get it resolved.
 

xenoware

Member
Sep 25, 2016
6
1
3
Belgium
cPanel Access Level
Root Administrator
Hi,
I've never used Magento but it sounds like the Base URL is incorrect (Wordpress also experiences the same issue now and again).

You could try changing this to reflect https:// if it is not already set to do so...?

A quick search revealed the following that may be helpful to you:

How to change Magento base URLs

Hope you get it resolved.
Already tried that, with pretty much every combination. I've tried http and https as a base URL, SSL settings, etc. It was my first guess as well, but neither of these configurations resolved my problem.

- Removed -

^Magento config.

I'll see if I can make an other clean install in a subdirectory and see if I can replicate the problem.
 
Last edited by a moderator:

rpvw

Well-Known Member
Jul 18, 2013
1,101
459
113
UK
cPanel Access Level
Root Administrator
As Dave mentioned, the configuration Base URL is often the culprit. It is worth auditing the code in your user created pages as well to ensure no fully qualified URLs got included.

These will always cause mixed content alerts, and are stored in the database, so a simple find and replace at DB level is sometimes all it needs :)
 

xenoware

Member
Sep 25, 2016
6
1
3
Belgium
cPanel Access Level
Root Administrator
As Dave mentioned, the configuration Base URL is often the culprit. It is worth auditing the code in your user created pages as well to ensure no fully qualified URLs got included.

These will always cause mixed content alerts, and are stored in the database, so a simple find and replace at DB level is sometimes all it needs :)
That's what my first thought was too. I just reran the search query on my database, and a single entry comes up: the unsecure base URL (http://...) - which I already replaced by the secure URL (https://...) before and that didn't resolve the problem. I reverted back after that

Besides, I'm making Magento enforce SSL on all data anyway (imgur.com/a/sepLP), so the base URL shouldn't even be used in the first place.

Just as a test, to confirm what I already knew:
1. Changed both the unsecure and secure base URL to https://...
2. Flushed Magento standard cache, then flushed all the other magento caches as well (img, css etc)
3. Opened a private session in my browser to avoid cookies from interfering
4. Opened - Removed -

And was presented with mixed content errors and after a page refresh, the infamous "ERR_TOO_MANY_REDIRECTS".
If I close my session and open a new private browser, the thing seems to work for 1 or 2 pages and then crashes again. Could this be a Magento cookie setting? Or a conflict with SSL and cookies?
 
Last edited by a moderator:

rpvw

Well-Known Member
Jul 18, 2013
1,101
459
113
UK
cPanel Access Level
Root Administrator
If you still have your rewrite rules enabled in .htaccess, I would rem them out for the purposes of debugging the magento settings, and once everything works, you can then re-introduce rules to rewrite to https if required.
 

rpvw

Well-Known Member
Jul 18, 2013
1,101
459
113
UK
cPanel Access Level
Root Administrator
From what I am seeing at the moment, every time the page doesn't redirect properly, deleting the section_data_ids cookie fixes it.

Hope this is of some help o_O
 

xenoware

Member
Sep 25, 2016
6
1
3
Belgium
cPanel Access Level
Root Administrator
If you still have your rewrite rules enabled in .htaccess, I would rem them out for the purposes of debugging the magento settings, and once everything works, you can then re-introduce rules to rewrite to https if required.
Disabled rewrites - still calls unsecure content.

From what I am seeing at the moment, every time the page doesn't redirect properly, deleting the section_data_ids cookie fixes it.

Hope this is of some help o_O
Thx




Anyone with a suggestion of how to diagnose the origin of the unsecure content calls?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Disabled rewrites - still calls unsecure content.
Hello,

Did you check the account's home directory, the public_html directory, and the document root where the script resides to ensure no other .htaccess files include redirect rules?

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello,

Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look and rule out any cPanel & WHM settings or functionality as the culprit.

Thank you.