WordPress.org

Ready to get started?Download WordPress

Forums

WordPress HTTPS (SSL)
securing xmlrpc.php (2 posts)

  1. stefann
    Member
    Posted 1 year ago #

    I'm trying to secure connections for users who manage blog posts from one of the WordPress apps (like iPad) and forget to include https:// when specifying the blog URL. Can I use this plugin to control HTTP requests to xmlrpc.php by redirecting them to the HTTPS version. Would this guarantee that the password doesn't get sent in the clear or would the password be sent one time over HTTP and a second time over HTTPS? Thanks!

    http://wordpress.org/extend/plugins/wordpress-https/

  2. Mvied
    Member
    Plugin Author

    Posted 1 year ago #

    No. You would need to use a redirect rule in your .htaccess.

    If someone makes a POST to an HTTP page, even if that page is being redirected immediately, there is a chance that it could be intercepted. Furthermore, it's possible that the POST will be lost when the redirect occurs.

    Hope that helps.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic