May 3 2011

WordPress SSL Login & Admin

This is “the right way” to enable WordPress Administration & Login over SSL (assuming SSL is Configured and Running in the Hosting machine).

Don’t try to play with Redirect in Apache configuration, WordPress 2.6 and later has greatly improved support for administration over SSL out of the box.

There are two constants definable in wp-config.php file:

  1. FORCE_SSL_LOGIN (force all logins over SSL)
  2. FORCE_SSL_ADMIN (force all logins and admin sessions over SSL)

 

This definitions must be placed (in wp-config.php file) before the line:

/* That's all, stop editing! Happy blogging. */

Here’s the code needed to force all logins and admin sessions to happen over SSL:

define('FORCE_SSL_ADMIN', true);