Nginx – Unable to remove 301 redirect for wordpress wp-admin on nginx

301-redirect, nginx, Wordpress

Unable to remove 301 redirect for WordPress wp-admin on nginx. The homepage seems fine.

I’ve tried almost everything:

  • Disabling plugins by renaming the plugin directory
  • Removing the redirect_canonical in functions.php
  • Even restored an EBS snapshot taken prior to the change

The output for curl -I http://www.example.com/wp-admin is 301 moved permanently.
I’m using CloudFront, and my server default file is below:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name www.example.com;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            #try_files $uri $uri/ =404;
            try_files $uri $uri/ /index.php?q=$uri&$args;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
            include snippets/fastcgi-php.conf;

            # With php7.0-cgi alone:
            #fastcgi_pass 127.0.0.1:9000;
            # With php7.0-fpm:
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
            deny all;
    }
}

Best Answer

This is a redirection to TLS i.e. Location: https://www.example.com/wp-admin. It isn't done in the server configuration, but in function auth_redirect(), found in wp-includes/pluggable.php lines 997-1064, more specifically in lines 1012-1020:

// If https is required and request is http, redirect
if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
    if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
        wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
        exit();
    } else {
        wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
        exit();
    }
}

This is controlled by force_ssl_admin(), enabled by adding the define('FORCE_SSL_ADMIN', true); constant to wp-config.php. If the constant is not defined, it defaults to false unless the siteurl has https:// (see wp_ssl_constants() in wp-includes/default-constants.php lines 284-304).

Source code line numbers are from current WordPress 4.9.8 and may vary in future versions.

Admin & login page redirections to TLS are not harmful and you should have them enabled for security. Current best practice is to have all sites protected with TLS i.e. https://www.example.com/ as the siteurl.
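
The answer identifies the 301 by comparing its Location header with the requested URL. The following is an added example, not part of the original answer or of WordPress: it parses curl -I output and names what the redirect changed, so an http-to-https upgrade can be told apart from a trailing-slash or host redirect. The function names parse_head and classify_redirect are hypothetical, and the sample response is constructed.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample of `curl -I` output (not captured from a real site).
SAMPLE = (
    "HTTP/1.1 301 Moved Permanently\r\n"
    "Server: nginx\r\n"
    "Location: https://www.example.com/wp-admin\r\n"
    "\r\n"
)

def parse_head(raw):
    """Return (status, headers) for the first response head in `curl -I` output."""
    head = raw.replace("\r\n", "\n").strip().split("\n\n", 1)[0]
    lines = head.split("\n")
    parts = lines[0].split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP response head")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def classify_redirect(requested_url, raw):
    """Name what the redirect changed relative to the requested URL."""
    status, headers = parse_head(raw)
    if status not in (301, 302, 303, 307, 308):
        return "not-a-redirect"
    if "location" not in headers:
        return "redirect-without-location"
    req = urlsplit(requested_url)
    dst = urlsplit(urljoin(requested_url, headers["location"]))  # resolve relative Location
    changes = []
    if req.scheme != dst.scheme:
        changes.append("scheme")
    if req.hostname != dst.hostname:
        changes.append("host")
    if req.path != dst.path:
        changes.append("trailing-slash" if dst.path == req.path + "/" else "path")
    if req.query != dst.query:
        changes.append("query")
    if changes == ["scheme"] and dst.scheme == "https":
        return "tls-upgrade"  # same host and path, only http -> https
    return "+".join(changes) or "self-redirect"

if __name__ == "__main__":
    print(classify_redirect("http://www.example.com/wp-admin", SAMPLE))
```

A result of "self-redirect" means the Location equals the requested URL, which is the signature of a redirect loop.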