Wordpress - Is there a way to force ssl on certain pages
New workflow, since the Admin SSL plugin is not supported.
use the Plugin WP https
See the settings
If you want SSL for
wp-admin
, add this to thewp-config.php
:define( 'FORCE_SSL_ADMIN', TRUE );
If you want also SSL for the log in page, add this to the
wp-config.php
define( 'FORCE_SSL_LOGIN', TRUE );
Add the follow line to the
.htaccess
; remove the default of WP<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L] </IfModule>
If you set a specific page/post to SSL in front-end, then use the following plugin or set the option in the editor of the post/page; only if you have active this possibility of the plugin WP https. see also Gist 4081291 for a sample plugin
/** * Plugin Name: Force SSL for specific pages * Description: * Author: Frank Bültge * Author URI: http://bueltge.de/ * Version: 1.0.0 */ ! defined( 'ABSPATH' ) and exit; if ( ! function_exists( 'fb_force_ssl' ) ) { add_filter( 'force_ssl' , 'fb_force_ssl', 1, 3 ); function fb_force_ssl( $force_ssl, $id = 0, $utrl = '' ) { // A list of posts/page that should be SSL $ssl_posts = array( 22, 312 ); if ( in_array( $id, $ssl_posts ) ) $force_ssl = TRUE; return $force_ssl; } } // end if func exists
Without Plugin WordPress HTTPS
add_action( 'template_redirect', 'fb_ssl_template_redirect', 1 ); function fb_ssl_template_redirect() { if ( is_page( 123 ) && ! is_ssl() ) { if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) { wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']), 301 ); exit(); } else { wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 301 ); exit(); } } else if ( !is_page( 123 ) && is_ssl() && !is_admin() ) { if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) { wp_redirect(preg_replace('|^https://|', 'http://', $_SERVER['REQUEST_URI']), 301 ); exit(); } else { wp_redirect('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 301 ); exit(); } } }
or a smaller version, but not with fallbacks, if the url is wrong
add_filter( 'pre_post_link', 'fb_set_ssl_url', 10, 3 );
function fb_set_ssl_url( $permalink, $post, $leavename ) {
if ( 123 == $post->ID )
return preg_replace( '|^http://|', 'https://', $permalink );
return $permalink;
}
For WordPress version 3.0 and above, the admin-ssl plugin does not work. In order to get SSL to work, you need to take two steps:
- Enable the Administration Over SSL option in your wp-config.php file (see here).
- Install the WPSSL plugin on the site. (updated for WordPress 3.0+)
- On the pages you want to to run over SSL, add a meta tag called "force_ssl" and set the value to "true".
You should be all set after that.
Use the admin-ssl plugin. For stuff outside of wp, use rewriite rule in apache