I installed BPS on a site that has SSL enforced for the entire wp-admin area of a WP3.0.4 site, and that just didn’t work. That is, this works: enabling the plugin, checking the status, backing up the original htaccess files, activating the top-level htaccess protection. Perhaps I should say it sort-of works, as the otherwise pretty jQuery UI tabs don’t show up, other than as styled lists (perhaps due a hard-set call to the Google hosted JS libs?). However, functionally everything pans out so far.
But then, activating the htaccess protection for wp-admin – this didn’t work. That is: empty page thrown back, and general misery until I dove in via FTP and renamed the BPS plugin folder (a crude way to deactivate it, but it works).
I’m not sure that many sites have a private cert (and unique IP) to support a “proper” private https access for their site, but in our case (a non-profit association) we wanted to make sure that access over WiFi was secure enough to not bother too much about insecure APs (especially for registration, which entails fairly detailed professional data).
So… Is there light at the end of the tunnel for those of us using SSL to rework all the BPS related wp-admin calls to (especially external) resources, such as scripts and css and image files?
Thanks in advance!
Added later: at least, so that the insanely awesome WordPress HTTPS can take over and automagically rework calls to https versions…
- The topic ‘BulletProof Security and SSL for wp-admin?’ is closed to new replies.