WordPress SSL Encryption using Apache and mod_ssl

Overview

WordPress SSL Encryption has several options so you can encrypt just the Log-in page, the entire Admin area or the entire WordPress instance.

Apache Settings

  1. Install mod_ssl for Apache (on CentOS):
    [code]
    yum install mod_ssl
    [/code]
  2. Edit /etc/httpd/conf.d/ssl.conf and add your Certificate Files:
    [code]
    ServerName server.domain:443
    SSLCertificateFile /path/to/cert/server.domain.crt
    SSLCertificateKeyFile /path/to/cert/server.domain.key
    SSLCertificateChainFile /path/to/cert/server.domain.ca-bundle
    [/code]

Login Encryption

Edit wp-config.php before the:
[code]/* That’s all, stop editing! Happy blogging. */[/code]
Add the next Line:
[code]define(‘FORCE_SSL_LOGIN’, true);[/code]

Entire Admin Area Encryption

Edit wp-config.php before the:
[code]/* That’s all, stop editing! Happy blogging. */[/code]
Add the next Line:
[code]define(‘FORCE_SSL_ADMIN’, true);[/code]

Entire WordPress Encryption

Edit wp-config.php before the:
[code]/* That’s all, stop editing! Happy blogging. */[/code]
Add the next Line:
[code]define(‘FORCE_SSL_ADMIN’, true);[/code]

Option 1 – edit httpd.conf

Edit /etc/httpd/conf/httpd.conf and add the next line to your WordPress virtual host:
[code]
Redirect permanent / https://myserver.example.com/
[/code]
Restart Apache httpd service:
[code]httpd restart[/code]

Option 2 – edit .htaccess

Edit .htaccess and Add the next lines:
[code]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://myserver.example.com/$1 [R,L]
[/code]
Also make sure you have ‘RewriteEngine On’ included in your .htaccess file.

Enjoy WordPress SSL

Leave a Reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.