Home / Azure / Fix Azure Application Gateway Redirect Loop

Azure

Fix Azure Application Gateway Redirect Loop

Resolve Azure Application Gateway redirect loops by fixing HTTP-to-HTTPS rules, listener configurations, and backend settings.

Published: Apr 3, 20268 min readBy FixWikiHub Editorial Team

Abstract illustration for a troubleshooting knowledge base category.

Introduction

Azure Application Gateway URL redirection rules can create infinite redirect loops when HTTP-to-HTTPS rules conflict with backend responses or when the target URL incorrectly points back to the gateway itself.

Symptoms

Browser redirect loop:

bash

The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

curl showing redirect chain:

```bash $ curl -I http://myapp.example.com

HTTP/1.1 301 Moved Permanently Location: https://myapp.example.com

$ curl -I https://myapp.example.com

HTTP/1.1 301 Moved Permanently Location: https://myapp.example.com # Loop detected - redirecting to itself ```

Application Gateway logs:

json

{
  "requestUri": "https://myapp.example.com/",
  "responseCode": 301,
  "redirectUrl": "https://myapp.example.com/"
}

Common Causes

1.Redirect target is self - Rule redirects to same URL
2.Backend sends redirect - Backend also redirects, creating chain
3.Listener port mismatch - HTTPS listener on wrong port
4.Rule priority conflict - Multiple rules match same request
5.Host header mismatch - Host header changed by rule
6.Path-based rule issue - Path pattern redirects incorrectly
7.Missing SSL certificate - HTTPS listener without certificate

Step-by-Step Fix

1.Check logs for specific error messages
2.Verify configuration settings
3.Test network connectivity
4.Review recent changes
5.Apply corrective action
6.Verify the fix

Step 1: Check Redirect Rules

```bash # List all redirect rules az network application-gateway rule list \ --gateway-name my-appgw \ --resource-group my-rg \ --query '[].{Name:name,Type:type,Redirect:redirectConfiguration}'

# Check redirect configuration az network application-gateway redirect-config show \ --gateway-name my-appgw \ --resource-group my-rg \ --name http-to-https \ --query '{TargetType:targetType,TargetUrl:targetUrl,IncludePath:includePath,IncludeQuery:includeQueryString}' ```

Step 2: Fix HTTP-to-HTTPS Redirect

```bash # Correct redirect configuration for HTTP to HTTPS az network application-gateway redirect-config update \ --gateway-name my-appgw \ --resource-group my-rg \ --name http-to-https \ --target-listener https-listener \ --include-path true \ --include-query-string true

# Verify redirect targets HTTPS listener, not URL az network application-gateway redirect-config show \ --gateway-name my-appgw \ --resource-group my-rg \ --name http-to-https \ --query 'targetListener.id' ```

Step 3: Check Listener Configuration

```bash # List all listeners az network application-gateway listener list \ --gateway-name my-appgw \ --resource-group my-rg \ --query '[].{Name:name,Port:port,Protocol:protocol,Host:hostNames}'

# Verify HTTPS listener has SSL certificate az network application-gateway listener show \ --gateway-name my-appgw \ --resource-group my-rg \ --name https-listener \ --query '{Port:port,Protocol:protocol,SslCertificate:sslCertificate.id}'

# If missing certificate, add it az network application-gateway listener update \ --gateway-name my-appgw \ --resource-group my-rg \ --name https-listener \ --ssl-cert my-ssl-cert ```

Step 4: Verify Backend Pool Settings

```bash # Check backend pool configuration az network application-gateway address-pool show \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-backend-pool \ --query '{Addresses:backendAddresses,BackendHost:hostNames}'

# Check backend HTTP settings az network application-gateway http-settings show \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-http-settings \ --query '{Port:port,Protocol:protocol,HostName:hostName,PickHostName:pickHostNameFromBackendAddress}'

# If backend sends redirects, use correct protocol az network application-gateway http-settings update \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-http-settings \ --protocol Https \ --port 443 ```

Step 5: Check Rule Priority and Path Patterns

```bash # List rules with priorities az network application-gateway rule list \ --gateway-name my-appgw \ --resource-group my-rg \ --query '[].{Name:name,Priority:ruleType,Listener:listener,Action:actionType}'

# Check path-based rules az network application-gateway url-path-map show \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-path-map \ --query '{DefaultRule:pathRules[0],PathRules:pathRules}'

# Ensure path rules don't redirect to themselves ```

Step 6: Check for Backend Redirects

```bash # Test backend directly (bypass gateway) curl -I http://backend-ip:8080/

# If backend returns redirect, fix backend configuration # Or configure gateway to handle backend redirect

# Check backend response headers az network application-gateway http-settings show \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-http-settings \ --query '{Port:port,Protocol:protocol,TrailingSlash:redirectToBackend}' ```

Step 7: Fix Host Header Settings

```bash # Host header issues can cause redirects # Check if host header is preserved az network application-gateway http-settings show \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-http-settings \ --query '{HostName:hostName,PickHost:pickHostNameFromBackendAddress,BackendHost:backendHostNames}'

# Preserve original host header: az network application-gateway http-settings update \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-http-settings \ --pick-host-name-from-backend-address false ```

Step 8: Test with Diagnostic Logs

```bash # Enable diagnostic logging az monitor diagnostic-settings create \ --name appgw-logs \ --resource /subscriptions/SUB/resourceGroups/my-rg/providers/Microsoft.Network/applicationGateways/my-appgw \ --workspace /subscriptions/SUB/resourcegroups/my-rg/providers/microsoft.operationalinsights/workspaces/my-workspace \ --logs '[{"category":"ApplicationGatewayAccessLog","enabled":true}]'

Step 9: Use Rewrite Rules Instead

```bash # For complex scenarios, use rewrite rules az network application-gateway rewrite-rule create \ --gateway-name my-appgw \ --resource-group my-rg \ --rule-set-name rewrite-set \ --name force-https \ --response-headers '[{"headerName":"Location","headerValue":"https://myapp.example.com"}]'

# Apply rewrite rule to listener az network application-gateway rule update \ --gateway-name my-appgw \ --resource-group my-rg \ --name my-rule \ --rewrite-rule-set rewrite-set ```

Step 10: Remove Conflicting Rules

```bash # Delete conflicting redirect rules az network application-gateway rule delete \ --gateway-name my-appgw \ --resource-group my-rg \ --name conflicting-rule

# Ensure only one rule handles HTTP to HTTPS az network application-gateway rule list \ --gateway-name my-appgw \ --resource-group my-rg \ --query '[?redirectConfiguration!=null].name' ```

Redirect Configuration Types

Type	Use Case	Example
Permanent (301)	SEO migration	Old URL to new
Temporary (302)	Short-term redirect	Maintenance page
Found (303)	POST to GET	Form submission
Permanent (308)	HTTP to HTTPS	Preserve method

Verification

```bash # After fixing redirect configuration # Test HTTP request curl -I http://myapp.example.com

# Expected: # HTTP/1.1 301 Moved Permanently # Location: https://myapp.example.com/

# Test HTTPS request (should NOT redirect) curl -I https://myapp.example.com

# Expected: # HTTP/1.1 200 OK # (No Location header, content served)

# Check gateway health az network application-gateway show-health \ --gateway-name my-appgw \ --resource-group my-rg ```

Prevention

To prevent Azure Application Gateway redirect loop issues from recurring, implement these proactive measures:

1. Monitor Redirect Patterns

yaml

groups:
- name: azure-appgateway
  rules:
  - alert: AzureAppGatewayRedirectLoop
    expr: |
      rate(azure_appgateway_redirect_loops_total[5m]) > 0
    for: 2m
    labels:
      severity: critical
    annotations:
      summary: "Azure Application Gateway redirect loop detected"

2. Validate Redirect Configuration

```bash # Pre-deployment validation script cat << 'EOF' > validate_redirects.sh #!/bin/bash # Check for common redirect loop patterns

# HTTP to HTTPS redirect should only apply to HTTP listener az network application-gateway redirect-config show \ --gateway-name my-appgw \ --resource-group my-rg \ --name http-to-https \ --query '{TargetListener:targetListener.id,IncludePath:includePath}'

# Should target HTTPS listener, not the same HTTP listener EOF

chmod +x validate_redirects.sh ```

3. Document Redirect Rules

```bash # Export and document redirect configuration az network application-gateway redirect-config list \ --gateway-name my-appgw \ --resource-group my-rg \ -o yaml > redirect_rules.yaml

# Add comments documenting purpose # git add redirect_rules.yaml # git commit -m "Document redirect rules" ```

Best Practices Checklist

[ ] Monitor redirect patterns
[ ] Validate redirect configuration before deployment
[ ] Document redirect rules
[ ] Test redirects manually
[ ] Use separate listeners for HTTP/HTTPS
[ ] Review redirect targets carefully

[Fix Azure Application Gateway WAF Blocking](/articles/fix-azure-application-gateway-waf-blocking)
[Fix Azure Backend Pool Not Resolving](/articles/fix-azure-backend-pool-not-resolving)
[Fix Azure SSL Certificate Binding Failed](/articles/fix-azure-ssl-certificate-binding-failed)

[Technical troubleshooting: Fix Azure Aks Pod Crashloopbackoff Issue in Azure](azure-aks-pod-crashloopbackoff)
[Technical troubleshooting: Fix Azure Api Management Policy Expression Runtime](azure-api-management-policy-expression-runtime-error)
[Technical troubleshooting: Fix Azure App Configuration Feature Flag Not Refre](azure-app-configuration-feature-flag-not-refreshing)
[Technical troubleshooting: Fix Azure App Service 503 Always On Disabled Issue](azure-app-service-503-always-on-disabled)
[Technical troubleshooting: Fix Azure Application Gateway Err SSL Unrecognized](azure-application-gateway-err-ssl-unrecognized-name-alert)

Was this guide helpful?

Related search paths

People also search for

If the symptom is close but not identical, these search paths usually surface the right neighboring fixes faster than scrolling the full archive.

Azure Application Gateway Redirect Loop Azure Application Gateway Redirect Loop Azure Azure Application Gateway Redirect Loop troubleshooting Azure Application Gateway Redirect Loop fix Resolve Azure Application Gateway redirect loops by fixing HTTP-to-HTTPS rules, listener configurations, and backend settings Azure Resolve Azure Application Gateway redirect loops by fixing HTTP-to-HTTPS rules, listener configurations, and backend settings

Explore Related Topics

Browse Guides from Other Categories

Discover troubleshooting guides from related categories to expand your knowledge.

FAQ

Azure Troubleshooting FAQs

Common questions about troubleshooting and preventing similar issues

How do I know if this azure-errors troubleshooting guide applies to my situation?

This guide is designed for azure-errors issues. If you're experiencing similar symptoms described in the article, follow the step-by-step instructions. Start with the most common causes and work through the diagnostic process.

Is it safe to follow these azure-errors troubleshooting steps?

Yes, all steps are designed to be safe and non-destructive. We recommend creating backups before making significant changes and testing each step before proceeding to the next.

How long does it typically take to resolve this type of azure-errors issue?

Most azure-errors issues can be resolved within 30 minutes to 2 hours, depending on the complexity and root cause. Follow the troubleshooting flow to identify and fix the problem efficiently.

How can I prevent this azure-errors issue from happening again?

Regular maintenance, monitoring, and following best practices for azure-errors configuration can help prevent recurrence. Consider implementing automated checks and alerts for early detection.

Written by

FixWikiHub Editorial Team

Our editorial team consists of experienced DevOps engineers, systems administrators, and cloud architects with hands-on experience in production environments across AWS, Azure, GCP, and on-premises infrastructure.

Every guide undergoes technical review for accuracy and is updated when software versions, commands, or best practices change.

Last updated: Apr 3, 2026

About our team

Important Notice

Disclaimer & Safety Guidelines

The troubleshooting steps in this guide are provided for educational and informational purposes. Before applying any changes to production systems:

Test in a staging environment first — Always verify commands and configurations in a non-production environment before deploying to live systems.
Create backups — Ensure you have current backups of databases, configurations, and critical files before making changes.
Understand the impact — Review how each step may affect your specific environment, dependencies, and users.
Consult official documentation — This guide supplements, but does not replace, official vendor documentation and best practices.

FixWikiHub is not responsible for any damages arising from the use of this content. See our Terms of Use for more information.

Resources

Official Documentation & Further Reading

For authoritative information, consult the official documentation for the technologies discussed in this guide. Our troubleshooting content supplements, but does not replace, vendor documentation.

AWS Documentation — Official Amazon Web Services guides and API references
Kubernetes Documentation — Official Kubernetes documentation
Nginx Documentation — Official Nginx web server documentation
Apache Documentation — Official Apache HTTP Server documentation
Docker Documentation — Official Docker container documentation

Fix Azure Application Gateway Redirect Loop

Introduction

Symptoms

Common Causes

Step-by-Step Fix

Step 1: Check Redirect Rules

Step 2: Fix HTTP-to-HTTPS Redirect

Step 3: Check Listener Configuration

Step 4: Verify Backend Pool Settings

Step 5: Check Rule Priority and Path Patterns

Step 6: Check for Backend Redirects

Step 7: Fix Host Header Settings

Step 8: Test with Diagnostic Logs

Step 9: Use Rewrite Rules Instead

Step 10: Remove Conflicting Rules

Redirect Configuration Types

Verification

Prevention

1. Monitor Redirect Patterns

2. Validate Redirect Configuration

3. Document Redirect Rules

Best Practices Checklist

People also search for

Browse Guides from Other Categories

WordPress

SSL

DNS

Azure Troubleshooting FAQs

FixWikiHub Editorial Team

Disclaimer & Safety Guidelines

Official Documentation & Further Reading

Fix Azure Application Gateway Redirect Loop

Introduction

Symptoms

Common Causes

Step-by-Step Fix

Step 1: Check Redirect Rules

Step 2: Fix HTTP-to-HTTPS Redirect

Step 3: Check Listener Configuration

Step 4: Verify Backend Pool Settings

Step 5: Check Rule Priority and Path Patterns

Step 6: Check for Backend Redirects

Step 7: Fix Host Header Settings

Step 8: Test with Diagnostic Logs

Step 9: Use Rewrite Rules Instead

Step 10: Remove Conflicting Rules

Redirect Configuration Types

Verification

Prevention

1. Monitor Redirect Patterns

2. Validate Redirect Configuration

3. Document Redirect Rules

Best Practices Checklist

Related Issues

Related Articles

People also search for

Share this guide

More Azure Troubleshooting Guides

Browse Guides from Other Categories

Azure Troubleshooting FAQs

FixWikiHub Editorial Team

Disclaimer & Safety Guidelines

Official Documentation & Further Reading