Is there a trick to get the WordPress HTTPS plugin to work on the login page correctly? Here's my dilemma:
Using shared SSL
plugin version 2.0
Typical URL - mydomain.net/testwp
FORCE_SSL_ADMIN wordpress variable off
FORCE_SSL_LOGIN wordpress variable off
SSL host set to abc.xyz.com/~username/testwp
Force SSL exclusive - Y
Force SSL admin - Y
The problem... in wp-login is this line:
<form name="loginform" id="loginform" action="<?php echo site_url('wp-login.php', 'login_post') ?>" method="post">
If I hit the wp-login using https://abc.xyz.com/~username/testwp/wp-login.php, every link in the page source is correctly evaluated to the SSL host URL given EXCEPT the form action url which uses a site_url call. This gets evaluated as https://mydomain.net/testwp/wp-login.php. So upon a form submission, this page will fail because there is no shared SSL available on mydomain.net.
Is this a bug in the plugin? Or is this expected? And if this is expected, how are you able to get logged in using shared SSL? Am I missing something simple?
Based on other posts, I also tried the 1.9.2 plugin and that caused infinite looping of the wp-login.php page.