CheapSSLSecurity
  • Arrow Down SSL Brands Only the most trusted
    • DigiCert
    • Thawte
    • GeoTrust
    • RapidSSL
    • Comodo
    • Sectigo
  • Arrow Down SSL Products What type do you need?
    • Domain ValidationDV SSL Certificates
      • Secure your site in 5 minutes
      • Our cheapest price: $4.97/year
    • Wildcard CertificatesWildcard SSL Certificates
      • Secure unlimited subdomains
      • Our cheapest price: $49.76/year
    • Extended ValidationEV SSL Certificates
      • Show your company name in the address bar
      • Our cheapest price: $69.85/year
    • Organization ValidationOV SSL Certificates
      • Validate your organization with SSL
      • Our cheapest price: $23.51/year
    • Multi-Domain CertsMulti-Domain SSL Certificates
      • Secure up to 250 different websites
      • Our cheapest price: $18.02/year
    • Multi-Domain Wildcart CertsMulti-Domain Wildcard SSL
      • Secure up to 250 domains w/subdomains
      • Our cheapest price: $148.18/year
    • Code SigningCode Signing Certificates
      • Sign & secure your executable software
      • Our cheapest price: $69.17/year
    • SSL RenewalsRenew SSL Certificate
      • Renew SSL certificate at cheap prices
      • Our cheapest price: $5.45/year
    • Compare SSLCompare SSL Certificates
      • Find the best certificate for your needs
      • Compare DV, EV, Wildcard & MDC SSL
    • HackerGuardian PCI Scan ControlHackerGuardian PCI Scan Control
      • Comply with PCI scanning requirements
      • Our cheapest price: $70.83/year
  • Arrow Down Support Blog, Support
    • Why So Cheap?Why So Cheap?
    • SSL ToolsSSL Tools
    • SSL ResourceSSL Resource
    • KnowledgebaseKnowledgebase
    • Contact UsContact Us
    • Refund RequestRefund Request
    • Submit a TicketSubmit a Ticket
    • BlogBlog
    • FAQFAQ
  • Arrow Down Buy Now Save big today
    • Wildcard SSL CertificatesWildcard SSL Certificates

      • Comodo PositiveSSL Wildcard Certificate
      • RapidSSL Wildcard Certificate
      • Comodo EssentialSSL Wildcard Certificate
      • View All
    • Domain ValidationDomain Validation

      • Comodo PositiveSSL Certificate
      • RapidSSL Certificates
      • GeoTrust QuickSSL Premium
      • View All
    • Extended ValidationExtended Validation

      • Geotrust True BusinessID with EV
      • Comodo EV SSL
      • Comodo PositiveSSL EV
      • View All
    • Multi-Domain CertsMulti-Domain SSL

      • GeoTrust EV Multi-Domain SSL
      • GeoTrust Multi-Domain SSL
      • Comodo Multi-Domain SSL
      • View All
    • Code SigningCode Signing

      • Comodo Code Signing Certificate
      • Sectigo Code Signing Certificate
      • Thawte Code Signing Certificate
      • View All
    • Organization ValidationOrganization Validation

      • Comodo Instant SSL
      • Comodo Instant SSL Pro
      • GeoTrust True BusinessID
      • View All
  • United States
    • Choose Region:

    • united states flag icon
    • united kingdom country icon
    • india flag icon
    • singapore country icon
    • philippines flag icon
    • australia flag icon
  • SSL Brands
    • SSL Brands
    • Digicert
    • RapidSSL
    • Comodo
    • GeoTrust
    • Thawte
    • Sectigo
    • Symantec
  • SSL Products
    • SSL Products
    • DV SSL Certificates
    • Wildcard SSL Certificates
    • EV SSL Certificates
    • OV SSL Certificates
    • Multi-Domain SSL Certificates
    • Multi-Domain Wildcard SSL
    • Code Signing Certificates
    • Renew SSL Certificate
    • Compare SSL Certificates
    • HackerGuardian PCI Scan Control
  • Support
    • Support
    • Why So Cheap?
    • SSL Tools
    • SSL Resource
    • Knowledgebase
    • Contact Us
    • Refund Request
    • Submit a Ticket
    • FAQ
  • Buy Now
    • Buy Now
    • WildCard SSL
    • Domain Validation
    • EV SSL Certificate
    • Multi-Domain SSL Certificates
    • Code Signing Certificates
    • Organization Validation

SSL/TLS Certificates

Sold at Ridiculously Low Prices.

Secure Unlimited Subdomains

RAPIDSSL Wildcard For Only $49.76

Limited Time Sale

RapidSSL logo Get Wildcard SSL For $49.76 (USD)
  1. SSL Help >>
  2. WordPress >>
  3. How to Protect WordPress Login & Admin Panel with SSL / HTTPS >>

Post navigation

← Previous Next →

How to Protect WordPress Login & Admin Panel with SSL / HTTPS

Posted on by casey.crane
1 Star2 Stars3 Stars4 Stars5 Stars (13 votes, average: 43.08 out of 5)
Loading...

Quick Steps to Protect Your WordPress Site’s Login & Admin Panel Using a Secure HTTPS Connection

WordPress is among the easiest CMS (Content Management System) to use. More than 30% of websites and blogs on the internet are made using WordPress.

how to protect wordpress login admin panel with ssl

WordPress is a secure CMS, but still, it often becomes the target of cyberattacks. Henceforth, such incidents of WordPress sites getting attacked proves that you shouldn’t take WordPress website security lightly. Likewise, it’s required to keep your WordPress Admin area and its Login page secure to avoid such cyber-attacks. And one such way is by enabling the FORCE_SSL option, so you can prevent yourself from getting exposed to cyberattacks like “Man-in-the-middle attacks.”

Hasn’t Google Made It Mandatory to Have an SSL/TLS Certificate?

Google has made it compulsory to have an SSL/TLS certificate installed. But sometimes, even after you install an SSL/TLS certificate, some issues arise, and your site doesn’t load on HTTPS. For example, if you haven’t forced the HTTP version website to load on a secure HTTPS connection, your site visitors may still see the HTTP version.

At least, you should force the Login and Admin panel to load over SSL. And, having the FORCE_SSL option enabled, the WordPress site will force your Login and Admin panel to load using SSL. And the URL of the Login form and Admin panel will always load using HTTPS://.

WordPress SSL Certificates

Protect your WordPress website in minutes with WordPress SSL Certificate. It includes 256 bit encryption, $10K-$50K warranties, daily WordPress scanner, site seal and more.

Buy WordPress SSL Certificates

How to Enable & Use Force_SSL Option Within Your WordPress Website

Go through the below steps to enable the Force_SSL option:

Download & Edit wp-config.php File

Download the wp-config.php file from your website and open it using your favorite text editor, such as notepad.

Here’s the Steps to Download wp-config.php File

  • Login into your hosting account. (cPanel account).
  • Click File Manager under the FILES section.

file manager

  • Once File Manager opens, go to the home directory, click and open the folder named public_html.

public html option

  • On the right side, you’ll find the list of files. From that list of files, select the wp-config.php file and click the Download button from the above menu.

wp config file

  • After downloading the wp-config.php file, open it using any text editor (like Notepad++) and change settings for the FORCE_SSL option to true for both the Login page and Admin panel.

Change the Setting of FORCE_SSL_LOGIN in Your wp-config.php File to True for WordPress Login

By default, this FORCE_SSL_LOGIN setting is not specified within your WordPress wp-config.php file. Therefore, you’ll need to add it on your own if you’re doing it for the first time.

To enable this FORCE_SSL_LOGIN setting, add the below line of code into your wp-config.php file:

define( ‘FORCE_SSL_LOGIN’, true );

define force ssl login code

The best place to add is right after the line that sets WP_DEBUG, as shown in the screenshot.

Enable Setting for WordPress Admin by Enabling FORCE_SSL_ADMIN

As you did in the above step, do the same for enabling setting for FORCE_SSL_ADMIN.

define force ssl admin code

Add the below code below the FORCE_SSL_LOGIN:

define( ‘FORCE_SSL_ADMIN’, true );

Save & Replace wp-config.php File

Once you complete editing the previously mentioned codes, save the wp-config.php file. Login in to your cPanel account, go back to the File Manager and delete the old wp-config.php file and replace it by uploading it into the public_html folder with the present wp-config.php file that you just edited.

Note:

Before editing the wp-config.php file, it’s recommended to take a backup of your website using a tool like CodeGuard Backup. Henceforth, if anything goes wrong and your website stops working or creates an issue, you have an old working version of your website ready.

What Is wp-config.php File?

Wp-config.php file is a configuration file that’s part of all the self-hosted WordPress websites. Unlike other WordPress files, it doesn’t come built-in with WordPress, but it’s generated explicitly for the website during the installation process.

creating wp config

WordPress stores information of your website database within the wp-config.php file. Therefore, if anything goes wrong with this wp-config.php file, or if the wp-config.php file doesn’t have your WordPress website information, your site will stop working and instead generate an error.

Wrapping Up

Having an SSL certificate is a must, but sometimes your website creates an issue and fails to load on HTTPS even after installing an SSL/TLS certificate. Therefore, it’s recommended that once you install an SSL certificate, you edit your wp-config.php file and change the settings by adding FORCE_SSL_LOGIN and FORCE_SSL_ADMIN code. Then your Login and Admin panel will load forcefully on a secure HTTPS connection.

 

Related posts:

  1. How to Install an SSL Certificate in Your WordPress Site That’s Hosted on SiteGround Quickly
  2. How to Redirect HTTP to HTTPS in .htaccess for a WordPress Website
  3. How to Fix the ERR_SSL_PROTOCOL_ERROR in Your WordPress Website Instantly
  4. How to Change Your WordPress Website from HTTP to HTTPS
  5. 5 Best HTTP to HTTPS WordPress Plugins to Consider
  6. How to Install an SSL Certificate in WordPress Site Hosted on BlueHost
  7. How to Install an SSL Certificate to WordPress Site Hosted on Nginx Server
  8. Best SSL Certificates for WordPress From a Globally Trusted CA
This entry was posted in WordPress and tagged protect wordpress login panel with ssl by casey.crane. Bookmark the permalink.

Site Reviews

View All SSL Reviews

Janusz CzeropskiMar 2023

Rating

"Cheapsslsecurity is really flexible product for company starters including long term companies. Cheapsslsecurity offers affordable SSL Certificates. Which are really great product. Myself, I use Wildcard SSL by Comodo over a year with zero issues which is really surprise for so cheap Wildcard SSL. I would recommend this product to anyone."

Raed NeshiewatMar 2023

Rating

"Very fast delivery. Installation was easy with no problems. If you are installing a wildcard SSL certificate on cPanel, you need to specify the actual domain name, don't try to install it on *.domain.com , you have to install it on each subdomain such as admin.domain.com, shop.domain.com,..etc. Use the same certificate for each subdomain you install. Good luck!"

Connect with us:

  • Facebook
  • Twitter

99.9% Browser Support:

Browsers

We Accept:

Payment
RapidSSL

Get affordable, fast SSL security solutions for your website.

from $4.97/yr
View All Certificates
Comodo

Get the cheapest prices on a flexible SSL solution from a world leader.

from $5.45/yr
View All Certificates
GeoTrust

Get SSL security solutions from a leading & trusted worldwide brand.

from $36.52/yr
View All Certificates
Thawte

SSL & code signing solutions at the lowest & best price.

from $28.44/yr
View All Certificates
TrustedSite Verified Site Seal
Customer Reviews

SSL Brands

  • RapidSSL
  • Comodo
  • Sectigo
  • GeoTrust
  • Thawte
  • DigiCert

SSL Products

  • Extended Validation
  • Wildcard Certificates
  • Organization Validation
  • Multi-Domain SSL
  • SAN SSL Certificates
  • UCC SSL Certificates
  • Domain Validation
  • Code Signing
  • Renew SSL
  • WordPress SSL

Support

  • SSL Resource
  • Knowledge Base
  • Sitemap
  • SSL Tools
  • SSL Comparison
  • FacebookFacebook
  • TwitterTwitter

Contact Us

  • Contact Us
  • Low Price Guarantee
  • Refund Request
  • Why So Cheap?
  • FAQ

© 2023 Web Security Solutions, LLC. All Rights Reserved.

  • Refund Policy
  • Privacy Policy
  • Disclaimer