Pull down your .htacess file before making changes to it, and you can try to add this:
# Redirect sub folders to sub domains
RedirectMatch 301 ^/wp-admin/?(.*)$ https://admin.domain.com/$1
.. change domain.com with your info.
I can’t tell you this will work. I’m running multisite with subdomains, so I can’t test this agains /wp-admin, but I do know the line .htaccess command above is correct, I’ve used it numerous times on many sites, and it will redirect the subfolder request, and what follows back to the subdomain, so any GET request will make it in the URL as well.
Thanks for the tip, I will give it a try when I get home tonight 🙂
Thanks 🙂
Hello,
I just tried your trick, and it didn’t work fully. For start, I get to the login page, and I can’t login. No errors no nothing. Is there anything that I need to put in my wp-config.php file?
Right now I’m just trying to get it working oh http before going the extra step.
Thanks
Ok, the problem may be with what WordPress expects to find when logging in. I’ll have a look later this evening after work.
Hello,
Is there a update to this?
Sorry, I forgot about you. I got hit with a huge project at work and too many hours between that and my ‘honey do’ list.
I’ll set a reminder to look at this tonight.
I don’t think it’s going to work because of how WordPress is writing the cookie data. There are security restrictions for cookies built into the browsers that prevent cross domain sharing. Those restrictions include subdomains.
I tired setting the COOKIE_DOMAIN in the wp-config.php, with ‘.domain.com’, but that still failed. The redirect, kept bringing me back to the wp-login page, and never logged in.
When I checked the cookies, they were being written w/o the preceding ‘.’, so it still wasn’t read by the admin subdomain.
FYI the . before the domain allows the browser to read the cookies across the subdomains. I didn’t dig into the core code, but it looks like it’s being stripped out based on what was showing in the browser.
Thankyou7 for getting back. Well I suppose they (wordpress) done that to stop cross domain cookies stealing.
In the end, I ended up using some very nice .htaccess code that checks to see if I got a keyword in the url, if so set a cookie that let me view the wp-login.php file and wp-admin folder.
If that cookie not there, then it gives a 404 error.
Thankyou for your help 🙂
EDIT: I found the link to the site where I found it: http://www.mawhorter.net/web-development/securing-wordpress-a-passive-method-for-preventing-unauthorized-requests-to-wp-admin-and-wp-login-php
Please note i’ve made some changes so that it gives a 404 instead of a 403 error
Hi,
I’m relatively new to wp and have basic knowledge of html and php.
I’ve got main site http://www.seedmedia.co.za and sub domain http://www.seedcorporatemedia.co.za
Because I want to modify the look of the sub domain site, I tried separate instals, each having own database.
However, when I try wp-login to sub-domain it rejects password and kicks me to main domain wp-login.
Any advice would be greatly appreciated.
Kindly,
Warren
