Twilio error 11215 means Twilio followed the redirect chain from your webhook URL and encountered more than 10 consecutive HTTP redirect responses before receiving a final non-redirect response. Twilio's HTTP client follows redirects automatically up to a limit of 10 hops, and when that limit is exceeded the request fails with 11215. In practice, hitting the 10-redirect limit almost always indicates either a redirect loop or an unnecessary chain of redirects that should be simplified.
What Causes This Error
The most common cause is configuring a webhook URL that uses HTTP while your server unconditionally redirects all HTTP traffic to HTTPS, and then the HTTPS endpoint also redirects to a different path or domain, creating a chain that quickly accumulates redirect hops. Redirect loops are a second cause, where server A redirects to server B and server B redirects back to server A, creating an infinite cycle that hits the 10-hop limit immediately. Web applications that use authentication middleware or session management can create accidental redirect loops for unauthenticated requests: the webhook handler requires a session, the session middleware redirects to a login page, and the login page redirects somewhere that requires a session, creating a loop that Twilio cannot escape. Using a content delivery network or reverse proxy with misconfigured routing rules that redirect requests between multiple backend origins can also create unexpected redirect chains that compound across layers.
How to Fix It Step by Step
Use curl with the --location and --max-redirs 20 flags (curl -v --location --max-redirs 20 https://your-webhook-url) to follow the complete redirect chain and print each hop, which shows you exactly how many redirects occur and where the chain leads or loops. Update the webhook URL in your Twilio Console to point directly to the final destination URL rather than to a URL that redirects to the final destination: if your server always redirects HTTP to HTTPS, configure the webhook URL to use HTTPS from the start. Review your web application's middleware stack and ensure that the webhook endpoint path is explicitly excluded from any authentication, session, or login redirect middleware, since Twilio's requests are server-to-server and do not carry browser session cookies. If you use a framework with route-level or controller-level redirect rules, add a specific route for your webhook path that bypasses redirect middleware and returns the TwiML response directly.
How to Prevent It from Recurring
Always configure Twilio webhook URLs using HTTPS with the exact final path, never relying on server-side HTTP-to-HTTPS redirects to upgrade the protocol, which eliminates the most common source of redirect chains. When adding new middleware to your web application that issues redirects for unauthenticated or unauthorized requests, explicitly list the webhook paths as exceptions that bypass the middleware rather than assuming the middleware will handle them gracefully. Add a webhook endpoint health check to your CI test suite that makes an HTTP request to the webhook URL and asserts the HTTP response code is 200 or another non-redirect code, failing the build if any redirect (3xx) is returned by the webhook path. Review your CDN and reverse proxy routing configuration after any infrastructure change to confirm that the webhook path routing has not been altered to add a new redirect hop.
When to Call a Specialist
If curl shows fewer than 10 redirects but Twilio still reports 11215, the redirect count may differ depending on whether the request includes the POST body and headers that Twilio sends (since some redirect configurations treat POST and GET requests differently, and a POST redirect may add additional hops). A specialist can configure a proxy tool to replay Twilio's exact POST request to your webhook URL and trace every redirect hop that occurs in response to a POST with form-encoded body content, which is different from a simple browser or curl GET request. You should also seek specialist help if redirects are being introduced by a third-party service in your stack (such as a WAF, an API gateway, or a cloud load balancer) that you do not directly control, as disabling or reconfiguring those redirects may require coordination with your infrastructure or security team. Redirect loops that only appear under POST requests with specific Twilio request bodies are non-obvious and benefit from specialist tooling to reproduce and diagnose.
Conclusion
Error 11215 is a redirect chain overflow that is fixed by configuring your Twilio webhook URL to point directly to the final HTTPS endpoint and removing any middleware that redirects webhook requests. If this error is blocking your production system, contact our team and we will diagnose and fix it within the hour.
Ready to Transform Your Business Communications?
Get a free consultation with our VoIP experts and discover how we can help you save costs, improve efficiency, and scale your business.
Comments (0)
Join the discussion and share your thoughts (AI-moderated for quality)
Be the first to comment
No comments yet. Share your thoughts below.