In this post we will describe a well-known bug in WP 4.* versions with redirect loop when authenticating in login interface. This usually happening when logging in to WordPress admin interface (example.com/wp-admin/) with correct credentials you are getting a bounce back and redirected to the blank wp-login screen.
In this case the URL is each time appended as:
http://example.com/wp-login.php?redirect_to=http%3A%2F%2Fexample.com%2Fwp-admin%2F&reauth=1
What to do with this bug?
- Clearing my cache, logging in in Incognito-mode, user other browsers, etc.
- Disabling all plugins by renaming the wp-content/plugins folder
- Disabling all themes except twentysomething
- Doing a complete re-upload of everything WP except wp-config.php and especially re-uploading wp-login.php
- Wiping the .htaccess file (Thank god I made a backup)
- Checking my database if it exceeded the allowed size (Mind you this has been a fix for several cases I encountered so make sure to check that!)
- Adding code to wp-login.php to re-specify my site URL, or, doing the same manually in PhpMyAdmin to wp_options under ‘home’ and ‘siteurl’ (Mind you this can be a fix if you’re using a different URL for your WP install than your server configuration, so that it bounces between http://www.example.com and http://example.com)
Analyzing MySQL issue
An error stating MySQL server has gone away followed by something about usermeta, meta_value and a gigantic string of information it apparently tried and failed to write into the database
Several errors regarding Cannot modify header information – headers already sent
Because I suspected the errors came in in the right order, just like that, I finally discovered the problem: the database. It looked like a session token was being written into the database, but because it was gigantic, the database timed out, making WordPress fling me back to the login page again.
The Fix
- Go into PhpMyAdmin to your WordPress database
- Find the table named wp_usermeta
- Find the rows titled session_token
- Delete the value associated with it
Comments regarding this method
Mind you the value is huge and your browser might freak out. We did it by clicking ‘edit’ for that record first, then toggling the null value for the field on and off, selecting the empty field and pressing delete a couple of times to make sure, and then hit save). And there you have it. A possible solution to that incessant and infuriating redirect loop problem that occurs when your database and WordPress stop playing together correctly.