You try to log in to your WordPress site, enter your username and password, but right after logging in you’re sent back to the login screen. No error message — just an endless loop. This is known as the WordPress login redirect loop, and it’s one of the most frustrating issues for WordPress users. The good news: it’s fixable, even if you’re not technical. In this article I explain why you’re being redirected back to the login page and how to fix it step by step.
I’ll cover the most common causes first, followed by practical solutions. If you’re locked out of wp-admin, this guide will help you get access back.
Causes of the login redirect loop
A login redirect loop happens when WordPress can’t maintain your logged‑in session and keeps sending you back to the login page. Common causes:
- Cookie or cache problems: WordPress uses cookies to keep you logged in. If cookies are blocked, corrupted, or outdated, the login can’t be confirmed.
- Incorrect site URL settings: WordPress Address (URL) and Site Address (URL) must match your real site URL. If they don’t (http vs https, www vs non‑www), WordPress can’t create a valid session.
- Faulty
.htaccessor redirect rules: incorrect or conflicting rules can cause an infinite redirect loop, especially after migrations or SSL changes. - Plugin conflicts: plugins that handle login, security, or caching are common culprits. A misconfigured plugin can invalidate sessions or set a bad redirect.
wp-config.phpsettings (e.g.,FORCE_SSL_ADMIN): ifFORCE_SSL_ADMINis true but your site isn’t fully on HTTPS, WordPress can get stuck redirecting.
Step‑by‑step solutions
Try these fixes one at a time, and test after each step. Make a backup before major changes.
1. Clear browser cookies and cache
A login loop is often caused by old session data. Clear cookies and cache in your browser and try again. This removes outdated login data so WordPress can set a fresh session cookie.
2. Try incognito or another browser
If clearing cache doesn’t help, test in a private/incognito window or another browser. If it works there, the issue is local — often a browser extension or strict privacy setting.
3. Check WordPress site URL settings
A URL mismatch is a common cause. If you can’t access wp-admin, force the URLs in wp-config.php:
define('WP_HOME', 'https://yourdomain.com');
define('WP_SITEURL', 'https://yourdomain.com');Make sure the URLs match exactly (protocol + www). You can also check siteurl and home in the wp_options table in the database.
4. Temporarily rename .htaccess
A bad .htaccess file can cause redirect loops. Rename it temporarily (e.g., .htaccess_old) and try logging in again. If it works, regenerate a clean .htaccess by going to Settings → Permalinks and clicking Save. Then add custom rules back carefully.
5. Disable plugins via FTP
If the issue persists, disable all plugins by renaming wp-content/plugins to plugins_off via FTP. Try logging in again. If it works, reactivate plugins one by one to find the culprit.
6. Adjust FORCE_SSL_ADMIN if needed
If FORCE_SSL_ADMIN is true and SSL isn’t fully configured, disable it temporarily:
define('FORCE_SSL_ADMIN', false);Log in via http:// to test. If this fixes it, correct your HTTPS configuration and re‑enable FORCE_SSL_ADMIN.
7. Check for other redirect rules
Review .htaccess for custom redirect rules outside the WordPress block. Also check plugins that manage redirects or login URLs. Avoid having multiple systems forcing redirects. If you use Cloudflare, avoid Flexible SSL and use Full (Strict).
Helpful troubleshooting tools
Once you regain access, these plugins can help diagnose issues:
- Health Check & Troubleshooting: disables plugins/themes only for your session so you can test safely.
- WP Debugging: toggles debug mode and logs errors to
wp-content/debug.log. - Query Monitor: advanced tool for inspecting queries, PHP errors, and redirects.