Using SSL to protect admin sessions
I was hoping someone might be able to help me with difficulties configuring WordPress so that SSL is enabled when logging into and accessing the admin interface.
First thing I did was to add
define('FORCE_SSL_ADMIN', true);to wp-config.
My service provider (Site5) has server-wide certs available for use, but you need to access using a different URL. Rather than the usual
https://mysite.tld/, in order to access you need to use the URL
https://servername.site5.com/~username/, which is supposed to bring you to the same place. So I tried the above with of course
wp-admin/added at the end, and got this error:
In order to diagnose things, I took the liberty of checking how this URL would work without enabling SSL, so I removed the line from wp-config requiring SSL then tried to access
I was able to access the login page, but noticed that when it went to the login screen, the URL had changed to:
which I suspect would be why it’s causing an error when I try it using SSL – it redirects to mydomain.tld, which doesn’t work with the server-wide certificate, and so blows up.
Is there a way to prevent the redirect and enable login through the alternative URL, so that I can login to admin using SSL, or is this a hopeless endeavour?
Any suggestions or thoughts would be most appreciated.
- The topic ‘Using SSL to protect admin sessions’ is closed to new replies.