Think I’ve got a way to do this based on the notes from this page.
Here’s a line by line of what I did.I have two domains setup with the following docRoots:
http://www.example.com/
/home/me/public_html
https://secure.example.com/
/home/me/secure_html
wordpress is installed in:
/home/me/public_html/wordpress
First step is to create a symbolic link to wordpress inside the scure_html with the command: “ln -s /home/me/secure_html/wordpress /home/me/public_html/wordpress”
With the symbolic link you only have to make changes to files, templates, whatever in one place and they will appear on both the regular and secure versions of you blog.
Next step is to edit the “wp_config.php” file. The way I did it was to add the following lines just below the “require_once(ABSPATH.’wp-settings.php’);” line.
//START SECURE CONFIG HACK
wp_cache_set(“siteurl_secure”, “https://secure.example.com/wordpress/”, “options”);
wp_cache_set(“home”, $_SERVER[“HTTPS”]?”https://secure.example.com/wordpress/” : “http://www.example.com/blog/”, “options”);
wp_cache_set(“siteurl”, get_settings(“home”), “options”);
// END SECURE CONFIG HACK
This tells word press that if you are accessing it from a secure page to stay with a secure page.
For the edit to the “wp-login.php” file, I did it a slightly different way than the “noctis.de” example. The first thing in wp-login.php is:
require( dirname(__FILE__) . ‘/wp-config.php’ );
Directly below this I added:
// START
if( !$_SERVER[‘HTTPS’]) {
header(“Location: ” . get_settings(‘siteurl_secure’) . “wp-login.php”);
}
// END
This way, whenever the login page is called a check is made to ensure that you are on the secure domin. If not, you are redirected there automatically.
Anyways, after just a little testing this seems to be working for me. Good luck, and hopefully this type of functionality will get added into the WordPress core soon.
