How to force Wordpress admin/login pages with SSL?
19,189
Solution 1
Thanks for the information everyone
Here is a plugin for shared SSL for sub-domain WordPress: WordPress HTTPS (SSL) http://wordpress.org/extend/plugins/wordpress-https/
Solution 2
To force administration and logins over SSL, the proper way is to set the FORCE_SSL_ADMIN
constant in wp-config.php
.
define( 'FORCE_SSL_ADMIN', true );
Solution 3
This can also happen if WordPress is hosted behind a reverse proxy that provides SSL.
Paste the following in your theme's functions.php:
define('FORCE_SSL_ADMIN', true);
// a comma-separated list e.g. http,https
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
Solution 4
I've used this before
if($_SERVER["HTTPS"] != "on")
{
header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
exit();
}
Comments
-
Happy almost 2 years
I have WordPress in a sub-domain like blog.my-site.com and can't use SSL with sub-domains (https:// blog.my-site.com)
Is there a way to force WordPress admin/login pages ONLY to SSL URL https:// www.my-site.com/blog_dir/wp-admin/ (the folder name is not the same as sub-domain)