Error messages are the bane of any website owner’s existence. They crop up out of nowhere, they’re difficult to decipher, and when you do finally figure out what’s going on, finding the best solution can take hours of research and experimentation.
Fortunately, not all website errors spell immediate overtime. Two of the most common error messages site owners run across are “err_too_many_redirects” and “err_ssl_version_or_cipher_mismatch”. They may sound like incredibly complex problems, but both can be solved in just a few minutes.
The “too many redirects” error message is often called a redirect loop. It usually occurs after a change on your website content management system (CMS) or WordPress site that ends in an accidental misconfiguration of URLs. Sometimes third party plug-ins that change URL configurations can also cause them.
When a redirect loop occurs, your website is simply bouncing visitors back and forth between two or more locations with no hope of ever breaking free. URL #1 points to URL #2, which in turn points back to URL #1. In such a case, the browser would just keep hitting up the server for URL information if the “too many redirects” error message wasn’t thrown.
The first signs of the redirect loop error are pretty easy to see. Depending on the browser you or your visitors are using, a blank tab will display saying something like “This page isn’t redirecting properly” or “This domain redirected you too many times”. This means you have an infinite redirect in place and should try the fixes below to clear it up as quickly as possible.
Fixing redirect errors is a simple matter of locating the problem and making a few quick changes. Odds are if you recently made a change to your website and a redirect loop suddenly appears, you can easily revert those changes to restore full functionality. If that isn’t the case, the local and non-local fixes below should do the trick.
- Clear Local Cookies and Cache – The redirect could be a simple problem of cookie redirects. If you clear local files from your device and reload the page, the redirect may solve itself. You can also open a private tab and try the URL again, as incognito browsing by default doesn’t utilize cache or cookies. If you’re not sure how to clear your cookies, check the section below for a quick guide.
- Check your .htaccess file – Have you made any recent changes to your .htaccess file? It’s possible you accidentally created a redirect loop there. Open it up in your text editor and scan for errors. If you haven’t made any changes recently, you can skip this step.
- Faulty WordPress plugin – Do you use an SEO or redirecting plugin? It’s possible a configuration here is leading to infinite redirects. Make sure you only have one plugin enabled that can create redirects (such as Yoast), then look at the settings to see if you can locate the problem.
- Clear website cache – Caching plugins and services such as Varnish can create temporary redirects if you’re not careful. Clear the remote cache from your admin panel first, then clear your own browser’s cache, reload the page, and cross your fingers.
Once you investigate and try one of the solutions above, it’s important to make sure the error really is fixed. The fastest way to do this is to open up a private browser tab and go to the redirecting page in question. This ensures you get freshly-fetched content and aren’t just loading information from your local cache. If the page works, your job is finished. If it doesn’t, try some of the other fixes above and start again.
If the redirect error is caused by cookies on your browser, you can quickly clear them out, refetch the page and try again. Below are instructions for doing just that on two of the most popular desktop browsers.
Clear cookies from Chrome:
- Go to Customize and click Settings.
- Scroll down and click Show Advanced Settings.
- Go to Privacy and click on Content Settings.
- Click the All cookies and site data button.
- Click Remove all and you’re done.
Clear cookies from Firefox:
- Go to Customize and click History.
- Click Clear Recent History.
- Check the box for cookies and click Clear Now.
More and more websites are using HTTPS these days. This is a good practice, as it ensures a faster and more secure connection all around. Some problems can arise in the encryption handshake process that leads to a few unique errors, however. The SSL version cipher mismatch error is one such issue.
When you visit a website that uses HTTPS a series of events quickly takes place between your browser and the web server. Some of these include a TLS handshake, a certificate verification with an authority, decrypting the certificate, and so on.
If any of these steps fails, the web browser will return a ERR_SSL_VERSION_OR_CIPHER_MISMATCH error and stop accessing the site in question. Some browsers will show an error that simply says “This site can’t provide a secure connection”, but the source is the same either way.
It’s a long and complex error message, and it involves intricate things like website encryption. Fortunately, if you do encounter the SSL version or cipher mismatch error, it’s relatively easy to fix, even if you’re not a technical whiz. Start with the solutions below and you’ll have things patched up in no time.
If your site is giving visitors this error, the first thing you’ll want to do to check your own SSL certificate. You can do this through your hosting or certificate provider, or you can take the easy route and use the automated SSL Server Test by SSL Labs.
Visit the server test linked above and you’ll see a blank box at the center of the page. Enter your root domain here. Even if it’s a subdomain that throws the cipher mismatch error, you’ll need to insert the home URL in the box to properly test the certificate.
Click the submit button and wait a few moments for SSL Labs to perform a complete verification of your encryption certificate. This can take upwards of 60-90 seconds. When it finishes, you’ll see a handy breakdown of the certificate exchange process complete with grades and points for action. Take note of any errors shown on this page, and if you spot something unusual, contact your certificate provider and/or hosting provider with the relevant data.
One common error webmasters stumble across is a certificate name mismatch. If the SSL Labs report detects this, it will display its own error before completing the scan, prompting you to ignore the mismatch before continuing.
Certificate name mismatches are a prime cause of SSL version or cipher mismatch errors. If this comes up during your scan, there are four likely causes outlined below. To fix these, you will need to contact your web host.
- Your site doesn’t use SSL, but it shares an IP address with another site that does.
- The site doesn’t exist anymore but the domain points to an old IP address that now hosts another site.
- Your site uses a content delivery network (CDN) that doesn’t support SSL.
- The domain name alias is for a site with a different name that’s not included in the security certificate.
It’s possible your web server is running an outdated version of the Transport Layer Security (TLS) encryption protocol. As of 2018 TLS 1.2 is deployed across the web, with TLS 1.3 proposed and in the works.
You can check your website’s version of TLS by running the SSL Labs test above. Simply follow the directions to enter and scan your site. When the test completes, scroll down to the “configuration” section. You’ll see a series of protocols listed, followed by a complete rundown of the handshake simulation. Most, if not all, of these should say “TLS 1.2” to the side. If it’s lower, contact your web host to fix the issue, as it could be a serious security concern.
Although it isn’t a permanent fix, if you use the Chrome web browser you can force TLS 1.3 to see if this is the cause of your certificate mismatch. Copy and paste the following code into your Chrome address bar and press Enter:
On the drop-down box, simply change to TLS 1.3, then reload your web page to see if the error persists. If it does, TLS versioning is likely not the cause of your error messages.
The RC4 cipher suite was removed in an older version of Chrome, citing security issues discovered by researchers at both Google and Microsoft. Other browsers are slowly following suit, but not every user will have the most up-to-date version of their browser installed and ready to go. To make sure none of your visitors get the cipher mismatch error, it’s a good idea to check for RC4 on the backend.
Once again, the SSL Labs test is here to save the day. Run the diagnostic tool using the instructions above, then scroll down to the Protocol Details section. A line marked RC4 should be listed, and next to it you should see the word “No”. If something else appears, you’ll need to contact your web host for more information.
Local errors can cause cipher mismatch problems, too. If you recently changed your site’s certificate and your browser is trying to fetch the old one, for example, you’ll see this error right away. Clearing the SSL state can fix the issue in just a few seconds.
Clearing local SSL states is a little more involved than clearing the browser’s cache, as both are stored at the level of the operating system. Below are instructions for both Windows and Mac.
- Click the Windows icon and type “internet properties” into the box. Alternatively, you can navigate to Control Panel > Internet Options.
- Click the content tab and select Clear SSL state.
- Click OK to close the tab, then restart your browser for the changes to take effect.
- From the desktop, click Go > Utilities > KeyChain Access
- In the left pane click System
- Click on the certificate you want to delete.
- In the menu bar, click Edit > Delete, then confirm the changes by entering your password.
- After a moment, your operating system will clear the certificate. Restart your browser for the changes to take effect.
In some cases, antivirus scanners can interfere with processing SSL certificates. Temporarily disable these programs, shut down and restart your browser, then try reloading the page to see if it clears the issue.
If none of the fixes above seem to work, the problem may be related to your operating system. Older software such as Windows XP is no longer supported by modern browsers for security reasons, meaning all of the certificate handling and processing will simply fail. If you’re on a public device that uses an older operating system and receive this error, try accessing the same page on a different computer.
After you run through a few of the tests above, you should be able to clear the SSL version cipher mismatch error. It’s not a very stubborn problem, and chances are the first test you ran uncovered the core problem.
To verify the error is fixed, it’s a good idea to test the site from multiple browsers, at the minimum. Either clear your cookies and cache or use a private (incognito) tab to visit the page. Manually hit the reload button and see what happens. With any luck, you’ll have things up and running without wanting to tear your hair out.
The “err_too_many_redirects” and “err_ssl_version_or_cipher_mismatch” error messages are more common than you might think. Website owners encounter them, and casual web users encounter them, too. Most of the time they’re caused by a simple oversight. By following the tips above, you can fix both errors and have enough time left over for that second cup of coffee.