How to force Wordpress admin/login pages with SSL?

php wordpress ssl url-rewriting

19,189

Solution 1

Thanks for the information everyone

Here is a plugin for shared SSL for sub-domain WordPress: WordPress HTTPS (SSL) http://wordpress.org/extend/plugins/wordpress-https/

Solution 2

To force administration and logins over SSL, the proper way is to set the FORCE_SSL_ADMIN constant in wp-config.php.

define( 'FORCE_SSL_ADMIN', true );

Solution 3

This can also happen if WordPress is hosted behind a reverse proxy that provides SSL.

Paste the following in your theme's functions.php:

define('FORCE_SSL_ADMIN', true);
// a comma-separated list e.g. http,https
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
       $_SERVER['HTTPS']='on';

Solution 4

I've used this before

if($_SERVER["HTTPS"] != "on")
{
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
    exit();
}

View more solutions

19,189

Author by

Happy

aka user1578602

Updated on July 06, 2022

Comments

Happy almost 2 years

I have WordPress in a sub-domain like blog.my-site.com and can't use SSL with sub-domains (https:// blog.my-site.com)

Is there a way to force WordPress admin/login pages ONLY to SSL URL https:// www.my-site.com/blog_dir/wp-admin/ (the folder name is not the same as sub-domain)