Support » Plugin: iThemes Security (formerly Better WP Security) » Force SSL : Does it work with NGINX ?

  • If the “Force SSL” options are enabled (for dashboard only OR including front end) is any ADDITIONAL action required to make this work in an NGINX environment?

Viewing 4 replies - 1 through 4 (of 4 total)
  • No, it just adds either the line below to the wp-config.php file (Enabled):

    define( 'FORCE_SSL_ADMIN', true ); // Redirect All HTTP Page Requests to HTTPS - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    or (Advanced):

    define( 'FORCE_SSL_ADMIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    depending on the chosen option value.

    Nothing NGINX specific, as far as I can see.

    To prevent any confusion, I’m not iThemes.

    • This reply was modified 1 month, 3 weeks ago by nlpro.
    • This reply was modified 1 month, 3 weeks ago by nlpro.

    That said, the use of the PHP php_sapi_name() function in the SSL module’s code may cause a specific error when using CLI. But again this is not NGINX specific, as far as I can see.

    More details about the CLI related error here.

    Thread Starter TWD

    (@twd)

    Out of curiosity, I don’t see the difference between the two:

    define( 'FORCE_SSL_ADMIN', true ); // Redirect All HTTP Page Requests to HTTPS - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    or (Advanced):

    define( 'FORCE_SSL_ADMIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    in both cases it is :
    define( 'FORCE_SSL_ADMIN', true );

    Yes, I noticed too.

    It seems in the past there used to be a FORCE_SSL_LOGIN constant which was deprecated in WordPress version 4.0.

    Now the constant FORCE_SSL_ADMIN can be set to true in the wp-config.php file to force all logins and all admin sessions to happen over SSL.

    The iTSec plugin SSL PHP code will handle the difference based on plugin SSL settings persisted in the database (Enabled/Advanced);-)

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.