Endless Redirect Loop with AWS ELB and wordpress site using wordpress https plugin

I would hazard a guess without you posting your ELB configuration that the ELB is redirecting HTTPS (443/tcp) traffic to the EC2 instance on HTTP (80/tcp). Then you're .htaccess and plugin are trying to redirect it back to HTTPS because it is being seen over HTTP.

Go take a look at your EC2 console under Network & Security > Load Balancers and I would imagine you'll see the Port Configuration says something along the lines of 443 forwarding to 80 (HTTPS, Certificate: blah)


Try adding this to your httpd.conf or an .htaccess

SetEnvIfNoCase X-FORWARDED-PROTO "^https$" HTTPS

When using the load balancer + HTTPS, your webserver is unaware that HTTPS is being used on the front end, so keeps trying to redirect to the HTTPS site, when in fact, HTTPS is already being used.

The above will translate the header that Amazon's Load Balancer sends (X-Forwarded-Proto: https) into an environment variable that Wordpress and other PHP scripts understand (HTTPS=1)


According to Amazon here https://d0.awsstatic.com/whitepapers/deploying-wordpress-with-aws-elastic-beanstalk.pdf the fix is:

/** Detect if SSL is used. This is required since we are terminating SSL either on CloudFront or on ELB */ 
if (($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https') OR ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
    {$_SERVER['HTTPS']='on';}

I still ended up with the endless loop, so I changed my WordPress config as from:

define('WP_HOME','http://www.example.com');
define('WP_SITEURL','http://www.example.com');

to:

define('WP_HOME','https://www.example.com');
define('WP_SITEURL','https://www.example.com');

This will force users to https, even if they type http, plus it makes it easy to develop the site offline because you just update the WP_HOME to local host and https is no longer the default