Web Consultant247, Inc. Logo
Free Consultation Call
Fixing the “Internal Server Error” When Logging Into Strapi (Community Edition)

Fixing the “Internal Server Error” When Logging Into Strapi (Community Edition)

Share


If you’re using Strapi Community Edition and suddenly run into an “Internal Server Error” when logging into the Strapi admin panel, you’re dealing with a common issue that happens when Strapi is deployed behind a proxy, load balancer, or SSL-terminating service.

Many developers report that everything in Strapi works perfectly — APIs, content types, the frontend — except for one thing:

You cannot log in to the Strapi admin dashboard.

Click “Log In,” and Strapi throws a 500 Internal Server Error.

This login failure typically has nothing to do with your credentials or your database. Instead, it’s caused by how Strapi detects (or fails to detect) whether the incoming request is secure (HTTPS).

Below is the complete explanation and the official fix.

Why the Strapi Login Internal Server Error Happens

When Strapi is running behind any kind of reverse proxy, CDN, or load balancer — such as:

  • Nginx
  • Cloudflare
  • Traefik
  • Docker reverse proxy
  • AWS ALB/ELB
  • Railway / Render / Fly.io
  • Local development with SSL tunnels

— the HTTPS connection is usually terminated before reaching the Strapi Node server.

Even though your site is truly secure, Strapi can fail to detect that the original request was encrypted. This causes Strapi to treat the login attempt as insecure, which breaks the authentication flow and triggers the 500 Internal Server Error on login.

The issue is documented in the official GitHub tracker and confirmed by the Strapi team.

The Official Fix for Strapi Login Internal Server Error

The fix is simple:

You need to add a middleware that forces Strapi to treat the request as encrypted.

Add the following to your src/index.ts or src/index.js:

export default {
  register({ strapi }) {
    // Force the socket to be treated as encrypted for proxy setups
    strapi.server.use(async (ctx, next) => {
      if (ctx.req?.socket) {
        (ctx.req.socket as any).encrypted = true;
      }
      await next();
    });
  },

  bootstrap() {},
};

Then restart your Strapi server.

As soon as this middleware is active, the admin login will work correctly again — no more 500 errors.

When You Need This Fix

This solution applies if:

  • You host Strapi behind Cloudflare
  • You run Strapi behind Nginx or Traefik
  • You use Docker containers with a reverse proxy
  • You deploy Strapi behind AWS load balancers
  • Your server receives requests without direct HTTPS termination
  • Strapi login returns 500 Internal Server Error but the main API works normally

If you’re using Strapi’s built-in HTTPS support directly (less common), you may not need this.

Where This Fix Comes From

This is the exact fix recommended by the Strapi maintainers in the GitHub discussion:

https://github.com/strapi/strapi/issues/24535

The middleware forces the socket to be treated as HTTPS, ensuring the admin authentication flow works correctly in proxy-based environments.