WordPress.org

Forums

https in url on login page only? (4 posts)

  1. mic10
    Member
    Posted 1 year ago #

    I have forced ssl over login and not admin in wp-config, is there any way of getting https to show in the url so it only shows on the login page and no other pages? I am already aware the login page is secure by forcing it in wp-config but it so other users know it is secure.

    I have a sub-domain multisite setup and wild card ssl.

    any help much appreciated.

  2. You COULD try forcing it with an htaccess redirect.

  3. mic10
    Member
    Posted 1 year ago #

    Thanks for your reply. How is this possible? I've tried a few things in htaccess but as soon as I set htaccess to login with https, it stays https in the admin.

    In wp-config - the force ssl for admin is set to false whilst adding in my htaccess:

    RewriteRule ^login$ https://mysite.com/wp-login.php [NC,L]
    RewriteRule ^login$ https://mysite.com/login [NC,L]

    I've also tried to force it back to http once logged in:

    RewriteRule ^admin$ http://mysite.com/wp-admin [NC,L]
    RewriteRule ^admin$ http://mysite.com/admin [NC,L]

    But the admin just stays https.

  4. Actually ... if you set up SSL for login, WP already forces that.

    http://halfelf.org/2014/ssl-for-one-domain-on-multisite/

    if ( $_SERVER["HTTP_HOST"] == "mysite.com" ) {
        define('FORCE_SSL_LOGIN', true);
    }

    That actually should be all you need, and it'll force WP to serve https on admin. If you JUST want the login page, make it just login.

Topic Closed

This topic has been closed to new replies.

About this Topic