When I disable “hide backend”, it fixes the issue. Even though I only changed the wp-admin path (and not the registration), it still causes a redirect loop when enabling it. Sucks, since I need to hide the WP-ADMIN path.
One of my sites has the same issue.
There is a conflict between iThemes Security and WordPress HTTPS, or SSL use in general.
In my case it wasn’t turning off “hide backend” option that fixed the problem – this still works. We had to turn “Front End SSL Mode” to ‘off’. SSL still works fine w/this option off.
It’s odd that iThemes Security gives us the message “WARNING: Your server does appear to support SSL. Using these features without SSL support on your server or host will cause some or all of your site to become unavailable.” even though we do have SSL and it works fine.
I believe this is what caused our redirect loop issue – iThemes Security still needs some work on its SSL features…
Hey Rak-nyc,
Thanks for the information! What version are you experiencing this with? Could you update to v4.0.21 and let me know if that helps?
Thanks,
Gerroald
I’m having the very same problem.
Running the latest built of WP 3.8.3 and iThemes Security 4.0.23. The problem also existed in the previous versions of both. I’ve been unable to source the problem so had to resort to deactivating the plugin
same here for one site I have now 3.9.1
‘iThemes Security’ plugin is now turned off.
‘WordPress HTTPS’ is left on as it resolves SSL correctly and cleans.
It would be helpful to have a enable/disable feature at least for ‘iThemes Security’ SSL so that both plugins can be running.
I’ve set
define('ITSEC_SERVER_OVERRIDE', TRUE);
in wp_config.php and it appears that the two plugins are ok together ‘WordPress HTTPS’ is useful to clean some content in my theme to https that I’d have to manually go fix.
can anyone explain what the implications of setting ITSEC_SERVER_OVERRIDE true for a live site?
I’ve used the advice from the support page..
http://ithemes.com/codex/page/Fix_Non-SSL_Elements_on_SSL_Page
using the light weight plugin by Chris Jean / iThemes (instead of ‘WordPress HTTPS’ ) to clean up the http links to https where ssl is in use.
Hey All,
Thanks for the information and I’m happy to hear that Chris’s plugin is functioning correctly. I’ll do some testing with the other plugin and see what I can come up with.
Thanks,
Gerroald
I am recently experiencing this problem with WP 3.9.1 and Ithemes Security 4.3.7. It was previously functioning fine, but now just reinstalling and activating the plugin causes the redirect loop. Suggestions? Are there database tables I need to clean up? Since I can’t access the plugin other than by deleting or renaming its folder via FTP.
