Simple secure login for wordpress

This is a simple way to setup a secure login for WordPress.  Simply editing “wp-login.php” and looking for:

/** Make sure that the WordPress bootstrap has run before continuing. */
require( dirname(__FILE__) . ‘/wp-load.php’ );

Add after that:

force_ssl_admin(true);

Now when accessing login and registration pages, the browser redirects to the secure version.

Edit,

After looking into “wp-settings.php” some more, I found the following setting:

if ( !defined(‘FORCE_SSL_ADMIN’) )
define(‘FORCE_SSL_ADMIN’, false);

Copying the define line to my “wp-config.php” and changing false to true has ensured this will work even if “wp-login.php” ever gets updated.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.