Home > Topic > How To Force SSL Logins and SSL Admin Access for WordPress

How To Force SSL Logins and SSL Admin Access for WordPress

Forums How To Force SSL Logins and SSL Admin Access for WordPress

This topic contains 0 replies, has 1 voice, and was last updated by  Staff 1 year, 6 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #22982

    Staff
    Keymaster

    To Force SSL Logins and SSL Admin Access
    Add to wp-config.php:

    define(‘FORCE_SSL_ADMIN’, true);

    If you are using a Reverse Proxy
    If WordPress is hosted behind a reverse proxy that provides SSL, but is hosted itself without SSL, these options will initially send any requests into an infinite redirect loop. To avoid this, you may configure WordPress to recognize the HTTP_X_FORWARDED_PROTO header (assuming you have properly configured the reverse proxy to set that header).

    Example
    define(‘FORCE_SSL_ADMIN’, true);
    // in some setups HTTP_X_FORWARDED_PROTO might contain
    // a comma-separated list e.g. http,https
    // so check for https existence
    if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)
    $_SERVER[‘HTTPS’]=’on’;

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.