WordPress SSL Encryption using Apache and mod_ssl

Overview

WordPress SSL Encryption has several options so you can encrypt just the Log-in page, the entire Admin area or the entire WordPress instance.

Apache Settings

  1. Install mod_ssl for Apache (on CentOS):
    yum install mod_ssl
    
  2. Edit /etc/httpd/conf.d/ssl.conf and add your Certificate Files:
    ServerName server.domain:443
    SSLCertificateFile /path/to/cert/server.domain.crt
    SSLCertificateKeyFile /path/to/cert/server.domain.key
    SSLCertificateChainFile /path/to/cert/server.domain.ca-bundle
    

Login Encryption

Edit wp-config.php before the:

/* That's all, stop editing! Happy blogging. */

Add the next Line:
define('FORCE_SSL_LOGIN', true);

Entire Admin Area Encryption

Edit wp-config.php before the:

/* That's all, stop editing! Happy blogging. */

Add the next Line:
define('FORCE_SSL_ADMIN', true);

Entire WordPress Encryption

Edit wp-config.php before the:

/* That's all, stop editing! Happy blogging. */

Add the next Line:
define('FORCE_SSL_ADMIN', true);

Option 1 – edit httpd.conf

Edit /etc/httpd/conf/httpd.conf and add the next line to your WordPress virtual host:

Redirect permanent / https://myserver.example.com/

Restart Apache httpd service:
httpd restart

Option 2 – edit .htaccess

Edit .htaccess and Add the next lines:

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://myserver.example.com/$1 [R,L]

Also make sure you have ‘RewriteEngine On’ included in your .htaccess file.

Enjoy WordPress SSL

Leave a Reply

Your email address will not be published.

*