Home | Setup | FAQ | History | Reset
To setup Admin SSL on your WordPress blog please use the following instructions.
WordPress 3.0+
- Download and extract the latest stable version from the website.
- Upload the 'admin-ssl' directory to the plugins directory.
- Enable Admin SSL using the Plugins screen.
- Go to the Admin SSL config page (under the 'Plugins' menu option).
- Check the box labelled 'Secure my site with SSL'. Please be warned, if you do not have a private SSL certificate correctly installed this will break your site.
- Click 'Save Changes'.
- If the page says 'Options saved' then click on any link to navigate away from this page, and your admin and login pages will be secured.
- You can secure all your admin pages by adding 'wp-admin/' to the Additional URLs box. If you use Akismet I recommend adding 'wp-admin/plugins.php?page=akismet-key-config' also.
Alternatively you can check out the latest version of Admin SSL from the SVN repository, and then complete the setup from Step 3.
WordPress MU 1.3+ (using Admin SSL 1.4.1 only)
Please note that installation of Admin SSL on WPMU is only possible for Site Administrators. Also, Shared SSL is disabled for WPMU installations – you must have Private SSL installed.
- Download and extract the latest stable version from the website.
- Upload the Admin SSL files to: /wp-content/mu-plugins/admin-ssl/.
- Copy or move admin-ssl.php into the the /mu-plugins/ directory. This means it will be enabled for all the blogs on your site.
- Sign in as a site administrator.
- Open the Admin SSL configuration page under the Site Admin menu.
- Check the 'Secure my site with SSL' box and enter any additional urls you would like secured. I recommend that you add wp-signup.php, for example.
- Click 'Save Changes' and SSL will be enabled for your site.
design © bcg mmxi
What would be the best way to make sure that a private SSL certificate is correctly installed prior to plugin activation?
Will it be sufficient to check if the https://blog-address will ask one to accept the certificate and then shows correctly?
i installed admin ssl and have a boot loop whats the easiest way to fix it?
@bernd Yes that is correct – make sure the certificate is loaded in your browser.
@sammy Check out the Reset page, it has various methods you can try, they should all work.
@Ben there are other features, for instance securing individual pages etc, that are not possible without the plugin.
bcg
i disabled the plugin but the only way to do it was to keep coping the links of the pages i wanted to go to and change them to http: instead of https: other wise id get the redirect loop but now if i use twentyten theme im secure but 2011 im semi secure and with graphene the theme im using now im not secure any advice?
@bgc:
Thank you for your reply!
According to my browser there is a certificate loaded, I see the Organisation, the validity and the fingerprints listed.
However, when I activate the admin ssl plugin, my wp-admin only shows blank. I had to delete the plugin via ftp access to regain control of my admin pages. Any more ideas on what I could check next (wp 3.2.1 with twenty eleven)?
@bernd Hmmm I’m not sure – you could perhaps try putting it in reset mode, and then setting it all up again?
@sammy I haven’t tested it with twentyten or graphene, one of them could be clashing with it. I use it without problems – using the K2 theme.
Hi
Can i install this plugin on a wordpress multisite as well ?
@corrado, not any more unfortunately, it used to support multi-site, but since my host changed I have not been able to test shared SSL, and so had to remove support for multi-site.
Hi bcg
i’m wondering that i dont use SSL certificate on my blog, so admin ssl plugin can protect my blog if i use it?
Hi,
I installed the plugin and activated the box ‘Secure my site with SSL’, but I have not a private SSL certificate, so now appear this error:
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): Error de protocolo SSL
What do I have to do? I can´t enter to the administrator panel in my blog.
Thank you
@abs
Sorry for the long delay replying, I haven’t really been checking my blog for updates! You need a private SSL certificate to use Admin SSL I’m afraid. If your site is not available with https:// instead of http:// then enabling Admin SSL *will* mean you cannot log in to your Dashboard.
@Rafael
That sounds like your SSL certificate is not installed correctly – I hope you managed to get it sorted, again sorry for the long delay, life takes over sometimes!
bcg