Roy
(@gangleri)
It doesn’t work for me though. When I activate the plugin, all /wp-admin links are changed to https://etc., but since the locations seem to be unchanged, I get ‘page not found’ pages all over. I even have to delete the plugin using FTP because I cannot use the admin-panel anymore…
Gangleri: It sounds to me like you have some sort of server configuration issues. Why would the locations of the files need to change just because you’re using SSL? No server I’ve ever setup would require such a thing.
Roy
(@gangleri)
Ehm, what I mean is that when I click on a button in the admin-panel (such as http://www.xxx.xx/wp-admin/edit.php), the link has changed to httpS, etc. when the plugin is activated, but this results in a page not found and I asume that is because the server doesn’t ‘find’ the file under httpS (as it is still under http). The same as I cannot simply type https://www.mydomain.com when it is NOT running under SSL. I don’t understand much of it, so maybe I’ve got it all wrong (or don’t know how to day what I mean), but I hope you get my point. I’ve tried to look into the subject of certificates, but the plugin instructions don’t say anything about that AND I haven’t figured out how that works, so maybe there is the answer to my quesion.
Ahh, I see.
No, you generally don’t get SSL (https) for free. You have to create a certificate and setup your webserver to use that certificate. If you’re not actually running your own server, that’s probably something your host will have to do.
So the fact that you get “Page Not Found” is not because of WordPress, but probably because you have not setup your servers to do SSL in the first place. You have to have SSL support active before you can do https connections.
The plugin and WordPress is not going to tell you how to do all this, because none of this is part of WordPress. This is generic server and webhosting stuff. You’ll have to speak with your webhost to learn how to do that, and it’s something you’ll likely have to actually pay more for.
Which was sort of my point in another thread: Unless you’re actually accepting credit card information and such and thus are already capable of SSL, doing SSL is not worth it because it is not free.
Roy
(@gangleri)
I figured out that much (eventually), but it might be helpfull if at least mention is made of the creation/purchase of a certificate. It seems that you can do that yourself, get a free one, etc., but in the end it may indeed be a bit of a heavy method to protect a part of the website. Yesterday I’ve installed the AskApache plugin and I think it offers enough extra protection for me. Every /wp-admin url is protected by password, so at least if someone tries to access the /wp-admin or worse, the /wp-admin/install.php of whatever is asked to login. At the moment I think I’m happy enough with that.
As for the Admin-SSL plugin, thanks for thinking with me.
