Knowledge
ERR_TOO_MANY_REDIRECTS (redirect loop)
#Errors
This error means the browser was bounced between URLs until it gave up. The classic cause is a redirect loop between HTTP and HTTPS, very often a Cloudflare SSL setting fighting your server config.
Published by Mark van Eijk on June 23, 2026
Updated on June 30, 2026 · 2 minute read
- About the error
- Why do I see this error
- Solution
- Fix Cloudflare SSL mode
- Trust the proxy's protocol header
- Check your nginx redirect
- Diagnose the loop
- If it isn't your website
About the error
The browser shows ERR_TOO_MANY_REDIRECTS (Chrome) or "The page isn't redirecting properly" (Firefox). It means a URL redirected to another URL that redirected back, forming a loop. After a handful of hops the browser stops to avoid looping forever.
Why do I see this error
The overwhelmingly common cause is an HTTP ↔ HTTPS loop, and the most common trigger of that is Cloudflare's SSL mode set to "Flexible":
- Cloudflare talks to your server over plain HTTP.
- Your server (or app) redirects all HTTP to HTTPS.
- Cloudflare receives that redirect, requests again over HTTP, gets redirected again, forever.
Other causes: an app forcing HTTPS while a proxy already terminates TLS, a misconfigured www ↔ non-www redirect, or two redirect rules pointing at each other.
Solution
Fix Cloudflare SSL mode
If you use Cloudflare, set the SSL/TLS encryption mode to Full or Full (strict), never Flexible. Flexible is the single biggest cause of this loop for sites behind Cloudflare. Full means Cloudflare connects to your origin over HTTPS, which matches your server redirecting to HTTPS. See an A+ grade SSL using Cloudflare.
Trust the proxy's protocol header
When TLS is terminated by a proxy or load balancer, your app sees the request as plain HTTP and redirects to HTTPS, even though the visitor is already on HTTPS. Tell the app to trust the forwarded protocol. In Laravel, configure trusted proxies in bootstrap/app.php:
->withMiddleware(function (Middleware $middleware) {
$middleware->trustProxies(at: '*', headers:
Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO
);
})
Check your nginx redirect
A correct HTTP→HTTPS redirect redirects only plain HTTP, and the HTTPS server block must not redirect again:
server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
# serve the site here, do NOT redirect to https again
}
nginx can also loop internally, without the browser ever seeing a redirect, that's the rewrite or internal redirection cycle error in the nginx error log.
Diagnose the loop
Follow the redirect chain with curl to see exactly where it loops:
curl -sIL https://example.com | grep -i location
If you see the same two URLs alternating, you've found your loop.
If it isn't your website
When you hit this on a site you don't control, the fix is on your end: delete that site's cookies and reload. A stale or corrupt session cookie is the usual culprit, and an incognito window (which starts with no cookies) is the fastest way to confirm it. If the page loads in incognito, clear the cookies in your normal window.
Subscribe to our newsletter
Do you want to receive regular updates with fresh and exclusive content to learn more about web development, hosting, security and performance? Subscribe now!
Frequently asked questions
- How do I clear ERR_TOO_MANY_REDIRECTS as a visitor?
- If the loop is on a site you don't run, clearing that site's cookies usually fixes it: a stale or corrupt session cookie can keep redirecting you. In Chrome, open the site, click the icon to the left of the address bar, choose "Cookies and site data" and delete them, then reload. An incognito window is a quick way to confirm the cookie is the cause.
- Why does ERR_TOO_MANY_REDIRECTS happen on WordPress?
- Usually the WordPress Address (URL) and Site Address differ on http vs https, or an SSL plugin forces HTTPS while Cloudflare is set to Flexible. Set both URLs to your real https domain in Settings → General, switch Cloudflare to Full (strict), and remove duplicate "force HTTPS" rules.
- Is ERR_TOO_MANY_REDIRECTS always caused by Cloudflare?
- No, but Cloudflare's "Flexible" SSL mode is the single most common trigger for sites behind it. The loop can also come from conflicting www/non-www rules, an app forcing HTTPS behind a TLS-terminating proxy, or two redirect rules pointing at each other.
- How do I fix the loop in .htaccess?
- A force-HTTPS rule that also fires on requests that are already HTTPS creates the loop. Guard it with a condition so it only redirects plain HTTP: RewriteCond %{HTTPS} off before the RewriteRule, or use %{HTTP:X-Forwarded-Proto} when a proxy terminates TLS.