Secures the backend AND the frontend with ssl when you are logged in
Secures the backend AND the frontend with ssl when you are logged in. If a user logs in and calls a http site you will be redirected to the equivalent https site. You do not have to manually define
FORCE_SSL_ADMIN in the
wp-config.php. The authentication cookies will be ssl secured.
There is no protection against ssl leaks. If you follow a http link, a men in the middle could, for example, see which site you enter.
But he cannot steal your login session! :D