This link has been bookmarked by 73 people . It was first bookmarked on 28 Apr 2010, by someone privately.
-
19 Apr 16
-
23 Mar 16
-
30 Jun 15
-
01 May 15
-
Administration Over SSL
-
To easily enable (and enforce) WordPress administration over SSL, there are two constants that you can define in your site's wp-config.php file.
-
You must also already have SSL configured on the server and a (virtual) host configured for the secure server before your site will work properly with these constants set to true.
-
To Force SSL Logins and SSL Admin Access
-
-
20 Mar 15
-
define('FORCE_SSL_ADMIN', true); if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
-
-
08 Feb 15
-
16 Sep 14
-
18 Jun 14
-
16 Feb 14
-
28 Sep 13
-
29 Jul 13
-
30 Apr 13
-
29 Mar 13
-
uide is for WordPress 1.5 and Apache running mod_rewrite, using rewrite rules
-
-
30 Jul 12
-
17 May 12
-
<VirtualHost nnn.nnn.nnn.nnn:443> ServerName www.mysite.com SSLEngine On SSLCertificateFile /etc/apache2/ssl/thissite.crt SSLCertificateKeyFile /etc/apache2/ssl/thissite.pem SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown DocumentRoot /var/www/mysite <IfModule mod_rewrite.c> RewriteEngine On RewriteRule !^/wp-admin/(.*) - [C] RewriteRule ^/(.*) http://www.mysite.com/$1 [QSA,L] </IfModule> ... </VirtualHost> # Insecure site <VirtualHost *> ServerName www.mysite.com DocumentRoot /var/www/ii/mysite <Directory /var/www/ii/mysite > <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^wp-admin/(.*) https://www.mysite.com/wp-admin/$1 [C] RewriteRule ^.*$ - [S=40] RewriteRule ^feed/(feed|rdf|rss|rss2|atom)/?$ /index.php?&feed=$1 [QSA,L] ... </IfModule> </Directory> ... </VirtualHost>
-
-
04 Apr 12
-
02 Jan 12
-
29 Nov 11
Chase Sagum@chasesagum: I'm surprised more people are not putting their WP admin & login behind an SSL. It's ridiculously easy to do http://t.co/YQNFaLHJ
-
09 Nov 11
-
26 Sep 11
-
05 May 11
-
17 Apr 11
-
To easily enable (and enforce) administration over SSL, there are two constants that you can define in your blog's wp-config.php file. It is not sufficient to define these constants in a plugin file; they must be defined in your wp-config.php file. You must also already have SSL configured on the server and a (virtual) host configured for the secure server before your site will work properly with these constants set to true.
-
To Force SSL Logins
The constant FORCE_SSL_LOGIN can be set to true to force all logins to happen over SSL. This (and all other such definitions) must be placed before
/* That's all, stop editing! Happy blogging. */ ... require_once(ABSPATH . 'wp-settings.php');
in the file, otherwise they will not take effect.
Example
define('FORCE_SSL_LOGIN', true); -
-
-
18 Jan 11
-
17 Dec 10
-
11 Nov 10
-
20 Oct 10
-
02 Oct 10
-
30 Sep 10
-
04 Aug 10
-
23 May 10
-
16 Mar 10
-
25 Feb 10
-
22 Dec 09
-
27 Oct 09
controlc deWordPress 2.6 and later has greatly improved support for administration over SSL out of the box.
To easily enable (and enforce) administration over SSL, there are two constants that you can define in your blog's wp-config.php file. It is not sufficient t -
21 Sep 09
lilian ricaudeasily enable (and enforce) administration over SSL, there are two constants that you can define in your blog's wp-config.php file. It is not sufficient to define these constants in a plugin file; they must be defined in your wp-config.php file.
-
Alan LevineWordPress 2.6 and later has greatly improved support for administration over SSL out of the box.
-
25 Aug 09
-
14 May 09
-
03 Apr 09
-
26 Oct 08
-
11 Mar 08
-
24 Dec 07
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.