Complicated Wordpress scenario trying to get https up and running

I honestly have no idea about a more tentative and suggestive title, so... sorry to all moderators in advance.

Ok, so I configured properly Let's Encrypt to my website with Nginx. Once I finished, I see the website without CSS, JS, etc. in a typical blocked:mixed:content (BMC) problem. BMC is easily fixable, you check wordpress URL configuration plus one or two more stuffs.

So here's where things start to get complicated. Only after I successfully logged into my wp-admin, Wordpress shows me a Sorry, you are not allowed to access this page., which in the back it's a 403 error. At that time, error.log wont show anything, however access.log show this: - - [26/Dec/2016:11:43:59 -0600] "GET /wp-admin/ HTTP/2.0" 403 1826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" - - [26/Dec/2016:11:43:59 -0600] "GET /favicon.ico HTTP/2.0" 200 159 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36"

(Fake IPs BTW)

So far everything is a mere information and I can't see a sole useful information about the error in question.

I have configured my Wordpress installation with the old http URL, so after I can't enter the dashboard, I can edit those URLs directly with MySQL or manually adding it in wp-config. The problem with that is that it gives me the net::ERR_TOO_MANY_REDIRECTS error in browsers. So it's kind a bottleneck scenario, and I have no idea what to do.

I can't find an error in my website.conf file:

server {
    listen 80;
    listen [::]:80;
    return 301 https://$server_name$request_uri;

server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    include snippets/;
    include snippets/ssl-params.conf;


    root   /usr/share/nginx/html/;
    index index.php index.html;

    error_log  /var/log/nginx/error-paradise.log;
    access_log /var/log/nginx/access-paradise.log;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

    location ~ /\.ht {
        deny all;

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;

    location = /50x.html {
        root /usr/share/nginx/html;

    location / {
        try_files $uri $uri/ /index.php?q=$uri&$args;

            # Wide-open CORS config for nginx
        add_header 'Access-Control-Allow-Origin' '';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Content-Type,Accept';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';

    location ~ /.well-known {
                allow all;

Another thing I did was to move all plugins from plugins directory and nothing, everything still the same.

I have no idea what else to do. Any help will be much appreciated.

EDIT: It seems to be the theme I'm using. I've tried to move its directory and when Wordpress changes to the next default theme, everything is working fine. If I copy again the theme's directory to themes/, the same problem will start. Since I have lots of blocked:mixed:content errors, I'm searching within theme directory using grep -rnw '/usr/share/nginx/html/' -e 'http'and found a huge amount of lines containing http. I know there's a lot of plugins that fixes this, but since I'm getting error 403 once I'm logged in into wp-admin, how can I replace all that http into https?


TO enable SSL for wordpress, you can do any of the two below

  1. Edit both your SITE and HOME URL settings in the Settings -> General section of your wordpress dashboard, changing the http to https.

  2. Edit your wp-config.php and define both the WP_SITEURL and WP_HOME

    define( 'WP_SITEURL', '' ); and define( 'WP_HOME', '' );

You should also add this to your wp-config.php force ssl for wp-admin

define('FORCE_SSL_ADMIN', true);