We couldn’t be more excited after the release of this new gTLD operated by Google. The new .dev domains are specially useful for us developers as a tool to aggregate value to our resumes and to help each other by sharing information on the internet. But if you just got your new domain and setup a new WordPress on your hosting, you may be experiencing the following error when you try to access your /wp-admin for the first time:
This error happens because every .dev domain is on the HSTS preload list. HTTP Strict Transport Security (HSTS) list is a list of sites that are hardcoded into Chrome as being HTTPS only. This list is also used by most major browsers such as Firefox, Opera, Safari, IE 11 and Edge, and makes HTTPS required on all connections for the websites present on it. If your WordPress is hosted behind a reverse proxy that provides SSL, but is hosted itself without SSL, these options will send all requests into an infinite redirect loop. You can fix that issue by adding the following code to the beginning of your wp-config.php file:
# Force all logins and all admin sessions to be initiated over SSL:
# Set WordPress to recognize the HTTP_X_FORWARDED_PROTO header
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
Clear your browser’s cache and try to access your /wp-admin again. Everything should be working fine.