Essentially the infinite redirect loop issue comes down to the fact that Flexible SSL is in use. When Flexible SSL is being used, the connection from the origin to CloudFlare is under plaintext HTTP. As such, the server cannot use ordinary methods to determine whether the connection is under HTTP or HTTPS (such as checking the SSL environment variable). As such you get stuck in a redirect loop.
There are a few ways to resolve this.
- If you have an Apache web server, be sure to install Mod_CloudFlare.
- If you’re using WordPress, be sure to install the CloudFlare Flexible SSL plugin.
- Once ensuring the request is coming from CloudFlare, you may wish to override the environment variable for SSL with whatever is in the X
A example of the last option would be adding this to your .htaccess file:
SetEnvIf X-Forwarded-Proto https HTTPS=on
Alternatively you can do it at the start of your PHP script using the following snippet:
if(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'){
$_SERVER['HTTPS']='on';
}