Fixing WordPress Redirect Loops and Mixed Content Behind Nginx Reverse Proxies

If you're running WordPress behind an Nginx reverse proxy, you might encounter frustrating redirect loops, mixed content warnings, or broken admin URLs. These issues are common when WordPress is configured to run at a different URL than where it's actually being served to visitors. Based on community reports, this guide explains why these problems occur and provides the most effective solutions.

Why These Redirect and URL Issues Happen

WordPress makes assumptions about its location based on server variables and database settings. When you place WordPress behind a reverse proxy (like Nginx, Cloudflare, or Kubernetes ingress), these assumptions can become incorrect. The core issues typically stem from:

• Incorrect WP_HOME and WP_SITEURL values in wp-config.php
• Missing or improper proxy headers that don't pass the original request information
• SSL/HTTPS configuration mismatches between the proxy and backend
• WordPress generating URLs based on internal configuration rather than the external URL

Common Solutions for Nginx Reverse Proxy Configurations

1. Properly Configure WordPress Constants

The most reliable solution is to define the correct URLs in your wp-config.php file:

define('WP_HOME', 'https://your-public-domain.com/path');
define('WP_SITEURL', 'https://your-public-domain.com/path');

Replace the URL with the actual public address where users access your site, not the internal backend address.

2. Set Up Correct Proxy Headers in Nginx

Your Nginx proxy configuration must properly forward the original request information. Add these headers to your location block:

location / {
    proxy_pass http://your-backend-ip:port;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

3. Handle SSL/HTTPS Properly

If your frontend uses HTTPS but proxies to HTTP backend, WordPress might not detect the secure connection. Add this to your wp-config.php:

if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
    $_SERVER['HTTPS'] = 'on';
}

4. Fix Admin Login Redirects

For admin area issues, you may need to ensure WordPress recognizes the correct admin path. Some users have reported success with adding path adjustments in wp-config.php:

$_SERVER['REQUEST_URI'] = str_replace("/wp-admin/", "/your-path/wp-admin/", $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = str_replace("/wp-login/", "/your-path/wp-login/", $_SERVER['REQUEST_URI']);

5. Update the Database Directly (If Locked Out)

If you cannot access wp-admin due to redirect loops, you may need to update the siteurl and home values directly in the database:

UPDATE wp_options SET option_value = 'https://your-correct-domain.com/path' WHERE option_name IN ('siteurl', 'home');

Additional Considerations

• Cloudflare Users: Ensure Orange Cloud is properly configured and consider adjusting SSL settings
• Kubernetes Ingress: Check that rewrite annotations are properly handling path transformations
• Mixed Content: Use a plugin like "Really Simple SSL" to fix insecure resource URLs after configuration changes
• Caching: Clear all caches (WordPress, Nginx, browser) after making configuration changes

These solutions address the most common WordPress reverse proxy issues reported by the community. The key is ensuring WordPress knows its public URL while properly configuring the proxy to pass along the correct request information.