WordPress.org

Ready to get started?Download WordPress

Forums

Multisite, SSL (wildcard) and forced login (10 posts)

  1. broniors
    Member
    Posted 3 years ago #

    Hi,

    I am trying to get my multisite to have forced SSL login (and ideally admin .. but I would be happy with login to get started). I have a wildcard SSL certificate and it works when I try to login when I type in https... but it does not force the user to use https

    I have added the following to my wp-config.php file

    define('FORCE_SSL_LOGIN', true);

    (from http://codex.wordpress.org/Administration_Over_SSL)

    Regards,
    Bron

  2. broniors
    Member
    Posted 3 years ago #

    Do I need a plugin ... if so which one. I have tried a couple (Admin SSL does not work for me)

  3. lucasajackson
    Member
    Posted 3 years ago #

    I am having this same issue, and no one has answered any of my responses either. I tried using WordPress SSL, but it didn't work with the way I needed it to.

  4. dbvista
    Member
    Posted 3 years ago #

    When you use FORCE_SSL_LOGIN, it does not encrypt the login page. However, it does make the login page use SSL on submit, protecting your credentials.

    To see this, do a "View Source" on the login page and look for the <form> tag. The "action" attribute will says "https://...." This is all you need.

  5. ladamiec
    Member
    Posted 3 years ago #

    What dbvista says is true. The problem is, my users don't see the https or the lock symbol in the browser and they think the information is being sent in plain text.

    So how do you get the https and/or lock symbol to appear?

    Larry

  6. Tim Moore
    Moderator
    Posted 3 years ago #

    You can use FORCE_SSL_ADMIN instead of FORCE_SSL_LOGIN and it should return an HTTPS page. However, everything in wp-admin will be run through HTTPS instead of HTTP.

  7. ladamiec
    Member
    Posted 3 years ago #

    Using FORCE_SSL_ADMIN is fine with me. I don't unedrstand why FORCE_SSL_LOGIN doesn't uses the HTTPS page.

  8. seanscullion
    Member
    Posted 3 years ago #

    Hello!

    Is there a published solution to this problem anywhere?

    Here's our setup and what we're trying to achieve:

    * We've got a single installation of WordPress.
    * We run multiple subdomain sites with the single installation
    * We want a single user-registration process (registration for one implies registration for all)
    * Ideally, a single-sign-on - log in to one implies log in for all. We understand this might be a problem due to the cookie being set for the domain of the original sign-in, but if someone has solved this please let me know.
    * We would like the login, registration and all admin pages to be done over SSL.

    Has anyone out there achieved such a set up?

    Many thanks,

    Sean Scullion

  9. seanscullion
    Member
    Posted 3 years ago #

    ps - does not need to be wildcard SSL, but that option is available to us if that's the only solution.

    any ideas?

    Thanks!

  10. Tim Moore
    Moderator
    Posted 3 years ago #

    This (http://wordpress.org/extend/plugins/multisite-user-management/) should help with users having access across the board. If I remember correctly, in MultiSite, all users technically sign up in one place anyway. That plugin should help have all users be members of all sites.

    As far as SSL admin pages and login, you need to set the following in wp-config.php:

    define( 'FORCE_SSL_ADMIN', true );

    All of your admin logins and pages will be over HTTPS. Keep in mind, however, that some plugins do not recognize HTTPS and will not function correctly.

Topic Closed

This topic has been closed to new replies.

About this Topic