Support » Fixing WordPress » Unfixable redirect loop at wp-login with reauth=1

Viewing 8 replies - 1 through 8 (of 8 total)
  • Moderator bcworkz

    (@bcworkz)

    Are you sure the login actually failed? I’ve run into this once in a while. Despite getting the login screen, the user is in fact logged in. Manually typing in /wp-admin/ into the browser when this happens takes one to the dashboard. It seems like the browser cached the redirect to wp-login.php from the initial request and repeats it again despite a nocache header in the response. I don’t know if that’s really what happens, but it fits the behavior.

    Or what if wp-login.php is requested from the onset so there is no redirect_to parameter? That should get you in without getting into a loop as well.

    Thread Starter PPNSteve

    (@ppnsteve)

    I’m sure its not logging in.. tried that with same results.. back to login screen.

    Make no difference if you directly call wp-login.php or not.. same with stripping the redirect in the URL

    Moderator bcworkz

    (@bcworkz)

    OK, thanks for checking. Try logging in while your browser’s network developer tool is open and the redirect_to query string is in place. The first logged request should be for POSTing to wp-login.php. Click that entry and view the cookies tab. The request should include a wp_test_cookie.

    The next line should be to wp-admin/. The request cookies should include two more which include a long hexadecimal string in the name. Please report any deviations. Ignore any supporting file requests that show up like .css, .js, and image files.

    Also verify there is nothing unusual relating to WP redirects or rewrites in .htaccess. The only WP rewrites are normally RewriteRule ^index\.php$ - [L] and RewriteRule . /index.php [L].

    Thread Starter PPNSteve

    (@ppnsteve)

    From what i can see, the cookies look correct.. the htaccess rewrite code is not unusual as well..
    still loops to login page with occasional drifts to the default 404 page.. not sure whats going on here, but its VERY strange.

    Moderator bcworkz

    (@bcworkz)

    Did the standard fixes you tried include deactivating all plugins and switching the theme to twentynineteen? Without backend access, you need to do so via FTP or your hosting file manager. Rename the /plugins/ folder in wp-content/ and also rename your theme’s folder. WP will switch to twentynineteen when it can no longer find your usual theme at its usual place.

    The login process should then work. Restore the normal folder names afterwards and start restoring your normal configuration one module at a time, testing logins after each. When logins fail again, the last activated module is the cause. Rename its individual folder to deactivate. Seek assistance from that module’s devs.

    Thread Starter PPNSteve

    (@ppnsteve)

    Yes it did indeed include this..

    If I try logging in using http instead of https, I get this: “ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.”

    Moderator bcworkz

    (@bcworkz)

    Have you ensured that WP is up to date? And your theme and plugins while you’re at it. I’ll assume so.

    I’m running out of ideas. It’s looking like a server configuration issue somewhere. For example, ModSecurity often causes strange behavior if not properly configured.

    Kind of a long shot, but you could try overwriting all the core files from a fresh download. It’ll fix any corrupted files that could be causing the problem. You basically do a manual update, even though the version in this case would stay the same.

    While it may seem easier just to use the Reinstall Now button on the update admin screen, it’s not as reliable in fixing corrupted files as doing so manually would be.

    Moderator bcworkz

    (@bcworkz)

    Hey @ppnsteve, if you are having this issue on a WAMPP installation, there is a bug in core that is due to be patched in the next WP update. Sorry for all the misdirection I caused in trying to solve this.
    https://core.trac.wordpress.org/ticket/47980

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Unfixable redirect loop at wp-login with reauth=1’ is closed to new replies.