Using SSL just for login or admin connections? (3 posts)

  1. SalemDesign
    Posted 10 years ago #

    I have set up WordPress on a site which has a server-side SSL certificate. It would seem like a good idea to have the login/password entry protected by SSL encryption.

    I tried using the "Force SSL" plugin and it works as advertised... But it enforces SSL for all pages not just the login or admin pages.

    Since it is my understanding that the search engines ignore https pages, having the entire blog use SSL encryption all the time does not seem desirable.

    Can anyone suggest a way of enforcing SSL/https connection for login (and perhaps) for the admin-related pages which **would not** also require https for the public viewing of the blog entries.?

    I thought of using mod_rewrite (in .htaccess) to change all calls to http://www.mywebsite.com/blogdir/wp-admin to the https equivalent and then put a requireSSL in the .htaccess file for the wp-admin directory. I suspect that is naive but perhaps someone can suggest a workable approach.


    Salem Design

  2. awsm1th
    Posted 9 years ago #

    Just went thru this myself. I posted a resolution here.

    It is based off this solution created.

    There are some ways that it could be improved, but it should get you there assuming the only difference in the secure and regular paths are in the domains.

  3. HarisTV
    Posted 9 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic