WordPress.org

Forums

WordPress HTTPS (SSL)
[resolved] FORCE_SSL_LOGIN for shared SSL (11 posts)

  1. Chad Warner
    Member
    Posted 2 years ago #

    This plugin's installation page says,

    If you would like connections to your admin panel to be secure, enable Force SSL Admin. If you are using a non-default SSL Host, do not use WordPress' built-in FORCE_SSL_ADMIN or FORCE_SSL_LOGIN.

    If I'm not supposed to use FORCE_SSL_LOGIN with shared SSL, what's the best way to enable SSL logins? I don't need to secure my entire admin panel (FORCE_SSL_ADMIN); I just want login credentials encrypted.

  2. Mike Ems
    Member
    Plugin Author

    Posted 2 years ago #

    Unfortunately, you can't. Your only option is to secure your entire admin panel.

    It's a big pain to get that to work correctly because domains can't set cookies for other domains, so you would have to toss the session around to get that to work right. I'm too worried about the security issues that might create, but one day I plan on implementing it.

  3. Chad Warner
    Member
    Posted 2 years ago #

    Thanks for the quick reply and explanation.

  4. supah
    Member
    Posted 2 years ago #

    i'm trying to figure out how to use an ssl plus wordpress on a shared server. i'm pretty frustrated because i made the mistake of assuming it would work.

  5. supah
    Member
    Posted 2 years ago #

  6. Mike Ems
    Member
    Plugin Author

    Posted 2 years ago #

    If the plugin doesn't work after setting your SSL Host to the Shared SSL, turn the Proxy setting On and it should work. I would recommend getting a host that isn't terrible, though.

  7. supah
    Member
    Posted 2 years ago #

    hey Mvied -
    you're so right, and of course i picked that particular hosting company.
    i had used the above solution in place for some time, and it wasn't catching everything (images, style sheets ... ) so this plugin slayed my dragon - i thought I'd pass it along since it helped me so much -

    http://snippets.webaware.com.au/snippets/wordpress-is_ssl-doesnt-work-behind-some-load-balancers/

    Thanks for all the work you do.
    -abgp

  8. Mike Ems
    Member
    Plugin Author

    Posted 2 years ago #

    I've considered adding a similar solution to WordPress HTTPS. It would have to be a little more complex than that, but it would be easy now that I think about it. I may do that now. I'm doing a lot of restructuring in the plugin right now. Working on version 3.4 and so far, it's looking to be a really nice release. I'll see what I can do. Would you be interesting in testing it for me?

  9. Chad Warner
    Member
    Posted 2 years ago #

    I'm willing to test. I have a shared hosting account with Hostmonster, Bluehost's sister company. As far as I can tell, Hostmonster accounts are basically identical to Bluehost accounts. Just provide instructions for testing and I'll try to make time.

  10. supah
    Member
    Posted 2 years ago #

    Certainly! Let me know.

  11. lamhuy
    Member
    Posted 1 year ago #

    I can help with testing as well. Any update? Please keep me posted. Thanks

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • WordPress HTTPS (SSL)
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic