Home | Setup | FAQ | History | Reset

To setup Admin SSL on your WordPress blog please use the following instructions.

WordPress 3.0+

  1. Download and extract the latest stable version from the website.
  2. Upload the 'admin-ssl' directory to the plugins directory.
  3. Enable Admin SSL using the Plugins screen.
  4. Go to the Admin SSL config page (under the 'Plugins' menu option).
  5. Check the box labelled 'Secure my site with SSL'. Please be warned, if you do not have a private SSL certificate correctly installed this will break your site.
  6. Click 'Save Changes'.
  7. If the page says 'Options saved' then click on any link to navigate away from this page, and your admin and login pages will be secured.
  8. You can secure all your admin pages by adding 'wp-admin/' to the Additional URLs box.  If you use Akismet I recommend adding 'wp-admin/plugins.php?page=akismet-key-config' also.

Alternatively you can check out the latest version of Admin SSL from the SVN repository, and then complete the setup from Step 3.

WordPress MU 1.3+ (using Admin SSL 1.4.1 only)

Please note that installation of Admin SSL on WPMU is only possible for Site Administrators.  Also, Shared SSL is disabled for WPMU installations – you must have Private SSL installed.

  1. Download and extract the latest stable version from the website.
  2. Upload the Admin SSL files to: /wp-content/mu-plugins/admin-ssl/.
  3. Copy or move admin-ssl.php into the the /mu-plugins/ directory.  This means it will be enabled for all the blogs on your site.
  4. Sign in as a site administrator.
  5. Open the Admin SSL configuration page under the Site Admin menu.
  6. Check the 'Secure my site with SSL' box and enter any additional urls you would like secured.  I recommend that you add wp-signup.php, for example.
  7. Click 'Save Changes' and SSL will be enabled for your site.

17 Responses to “Setup”

  • What would be the best way to make sure that a private SSL certificate is correctly installed prior to plugin activation?
    Will it be sufficient to check if the https://blog-address will ask one to accept the certificate and then shows correctly?

  • i installed admin ssl and have a boot loop whats the easiest way to fix it?

  • @bernd Yes that is correct – make sure the certificate is loaded in your browser.
    @sammy Check out the Reset page, it has various methods you can try, they should all work.
    @Ben there are other features, for instance securing individual pages etc, that are not possible without the plugin.


  • i disabled the plugin but the only way to do it was to keep coping the links of the pages i wanted to go to and change them to http: instead of https: other wise id get the redirect loop but now if i use twentyten theme im secure but 2011 im semi secure and with graphene the theme im using now im not secure any advice?

  • @bgc:
    Thank you for your reply!
    According to my browser there is a certificate loaded, I see the Organisation, the validity and the fingerprints listed.
    However, when I activate the admin ssl plugin, my wp-admin only shows blank. I had to delete the plugin via ftp access to regain control of my admin pages. Any more ideas on what I could check next (wp 3.2.1 with twenty eleven)?

  • @bernd Hmmm I’m not sure – you could perhaps try putting it in reset mode, and then setting it all up again?

    @sammy I haven’t tested it with twentyten or graphene, one of them could be clashing with it. I use it without problems – using the K2 theme.

  • Hi

    Can i install this plugin on a wordpress multisite as well ?

  • @corrado, not any more unfortunately, it used to support multi-site, but since my host changed I have not been able to test shared SSL, and so had to remove support for multi-site.

  • Hi bcg
    i’m wondering that i dont use SSL certificate on my blog, so admin ssl plugin can protect my blog if i use it?

  • Hi,
    I installed the plugin and activated the box ‘Secure my site with SSL’, but I have not a private SSL certificate, so now appear this error:

    Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error de protocolo SSL

    What do I have to do? I can´t enter to the administrator panel in my blog.
    Thank you

  • @abs
    Sorry for the long delay replying, I haven’t really been checking my blog for updates! You need a private SSL certificate to use Admin SSL I’m afraid. If your site is not available with https:// instead of http:// then enabling Admin SSL *will* mean you cannot log in to your Dashboard.

    That sounds like your SSL certificate is not installed correctly – I hope you managed to get it sorted, again sorry for the long delay, life takes over sometimes!


  • Hi,

    I have you SSL plugin installed. SSL encrypted access to the admin pages works fine. However when I attempt to access any other pages defined to use SSL encryption I get an infinite redirect loop from the http page to the https page and back ad-ininitum. Such as:

    Any ideas one how to fix that?

    If I attempt to access a page not defined to use SSL but specify https in the URL I get a slightly different infinite redirection look repeatedly accessing the https page without successfully completing. e.g.

    Thanks Martin

  • @Martin, I’ll have a look into it, sorry it’s taken me so long to get back to you – is it still an issue for you?


  • Hi,

    Yes, still an issue.

    Any non admin page ssl access ping-pongs from SSL back to non SSL version until the browser times it out.


  • @Martin Taylor – I am hoping to have some time this summer to update the plugin, and check compatibility of all its features with WordPress 3.4. Keep watching this space! I’ve had a crazy year with work recently, so little time to look on this project.


Leave a Reply