e-Mail[email protected]
  • Blog
  • SSL Tools
    • SSL ToolsCSR Generator
    • SSL ToolsCSR Decoder
    • SSL ToolsSSL Checker
    • SSL ToolsSSL Converter
    • SSL ToolsCRT Key Matcher
    • SSL ToolsCRT Decoder
    • SSL ToolsWhy No Padlock
  • Support
    • Why So Cheap?Why So Cheap?
    • SSL ResourceSSL Resource
    • KnowledgebaseKnowledgebase
    • Contact UsContact Us
    • Submit a TicketSubmit a Ticket
    • FAQFAQ
  • My Account
  • United States
    Choose Region:
    • united states flag icon
    • united kingdom country icon
    • india flag icon
    • singapore country icon
    • philippines flag icon
    • australia flag icon
CheapSSLSecurity
  • Brands
    • Cheap Digicert SSL
    • Cheap Thawte SSL
    • Cheap GeoTrust SSL
    • Cheap RapidSSL
    • Cheap Comodo SSL
    • Cheap Sectigo SSL
    • Cheap FastSSL
    • Cheap PositiveSSL
  • Products
    • Domain Validation
      DV SSL Certificates Secure your site in 5 minutes Our cheapest price: $4.97/year
    • Wildcard Certificates
      Wildcard SSL Certificates Secure unlimited subdomains Our cheapest price: $38.95/year
    • Extended Validation
      EV SSL Certificates Show your company name in the address bar Our cheapest price: $69.85/year
    • Organization Validation
      OV SSL Certificates Validate your organization with SSL Our cheapest price: $23.51/year
    • Multi-Domain Certs
      Multi-Domain SSL Certificates Secure up to 250 different websites Our cheapest price: $18.02/year
    • Multi-Domain Wildcart Certs
      Multi-Domain Wildcard SSL Secure up to 250 domains w/subdomains Our cheapest price: $148.18/year
    • Code Signing
      Code Signing Certificates Sign & secure your executable software Our cheapest price: $129.00/year
    • SSL Renewals
      Renew SSL Certificate Renew SSL certificate at cheap prices Our cheapest price: $5.45/year
    • Compare SSL
      Compare SSL Certificates Find the best certificate for your needs Compare DV, EV, Wildcard & MDC SSL
    • HackerGuardian PCI Scan Control
      HackerGuardian PCI Scan Control Comply with PCI scanning requirements Our cheapest price: $70.83/year
  • Cart0
Show Menu
  • Close Menu
  • SSL Brands
    • SSL Brands
    • DigiCert
    • RapidSSL
    • Comodo
    • GeoTrust
    • Thawte
    • Sectigo
    • FastSSL
    • PositiveSSL
  • SSL Products
    • SSL Products
    • DV SSL Certificates
    • Wildcard SSL Certificates
    • EV SSL Certificates
    • OV SSL Certificates
    • Multi-Domain SSL Certificates
    • Multi-Domain Wildcard SSL
    • Code Signing Certificates
    • Renew SSL Certificate
    • Compare SSL Certificates
    • HackerGuardian PCI Scan Control
  • SSL Tools
    • CSR Generator
    • CSR Decoder
    • SSL Checker
    • SSL Converter
    • CRT Key Matcher
    • CRT Decoder
    • Why No Padlock
  • Support
    • Support
    • Why So Cheap?
    • SSL Resource
    • Knowledgebase
    • Contact Us
    • Submit a Ticket
    • Blog
    • FAQ
  • Buy Now
    • WildCard SSL
    • Domain Validation
    • EV SSL Certificate
    • Multi-Domain SSL Certificates
    • Code Signing Certificates
    • Organization Validation
  • Choose Region:
    • united states flag icon
    • united kingdom country icon
    • india flag icon
    • singapore country icon
    • philippines flag icon
    • australia flag icon
  • Login
Secure Your
Website
FOR $3.98/YR
GET A CHEAP SSL
Secure Unlimited
Subdomains
FOR $38.95/YR
GET THE DEAL

Home : SSL Help : WordPress : How to Protect WordPress Login & Admin Panel with SSL / HTTPS

Post navigation

← Previous Next →

How to Protect WordPress Login & Admin Panel with SSL / HTTPS

Posted on by casey.crane
1 Star2 Stars3 Stars4 Stars5 Stars (14 votes, average: 43.57 out of 5)
Loading...

Quick Steps to Protect Your WordPress Site’s Login & Admin Panel Using a Secure HTTPS Connection

WordPress is among the easiest CMS (Content Management System) to use. More than 30% of websites and blogs on the internet are made using WordPress.

how to protect wordpress login admin panel with ssl

WordPress is a secure CMS, but still, it often becomes the target of cyberattacks. Henceforth, such incidents of WordPress sites getting attacked proves that you shouldn’t take WordPress website security lightly. Likewise, it’s required to keep your WordPress Admin area and its Login page secure to avoid such cyber-attacks. And one such way is by enabling the FORCE_SSL option, so you can prevent yourself from getting exposed to cyberattacks like “Man-in-the-middle attacks.”

Hasn’t Google Made It Mandatory to Have an SSL/TLS Certificate?

Google has made it compulsory to have an SSL/TLS certificate installed. But sometimes, even after you install an SSL/TLS certificate, some issues arise, and your site doesn’t load on HTTPS. For example, if you haven’t forced the HTTP version website to load on a secure HTTPS connection, your site visitors may still see the HTTP version.

At least, you should force the Login and Admin panel to load over SSL. And, having the FORCE_SSL option enabled, the WordPress site will force your Login and Admin panel to load using SSL. And the URL of the Login form and Admin panel will always load using HTTPS://.

WordPress SSL Certificates

Protect your WordPress website in minutes with WordPress SSL Certificate. It includes 256 bit encryption, $10K-$50K warranties, daily WordPress scanner, site seal and more.

Buy WordPress SSL Certificates

How to Enable & Use Force_SSL Option Within Your WordPress Website

Go through the below steps to enable the Force_SSL option:

Download & Edit wp-config.php File

Download the wp-config.php file from your website and open it using your favorite text editor, such as notepad.

Here’s the Steps to Download wp-config.php File

  • Login into your hosting account. (cPanel account).
  • Click File Manager under the FILES section.

file manager

  • Once File Manager opens, go to the home directory, click and open the folder named public_html.

public html option

  • On the right side, you’ll find the list of files. From that list of files, select the wp-config.php file and click the Download button from the above menu.

wp config file

  • After downloading the wp-config.php file, open it using any text editor (like Notepad++) and change settings for the FORCE_SSL option to true for both the Login page and Admin panel.

Change the Setting of FORCE_SSL_LOGIN in Your wp-config.php File to True for WordPress Login

By default, this FORCE_SSL_LOGIN setting is not specified within your WordPress wp-config.php file. Therefore, you’ll need to add it on your own if you’re doing it for the first time.

To enable this FORCE_SSL_LOGIN setting, add the below line of code into your wp-config.php file:

define( ‘FORCE_SSL_LOGIN’, true );

define force ssl login code

The best place to add is right after the line that sets WP_DEBUG, as shown in the screenshot.

Enable Setting for WordPress Admin by Enabling FORCE_SSL_ADMIN

As you did in the above step, do the same for enabling setting for FORCE_SSL_ADMIN.

define force ssl admin code

Add the below code below the FORCE_SSL_LOGIN:

define( ‘FORCE_SSL_ADMIN’, true );

Save & Replace wp-config.php File

Once you complete editing the previously mentioned codes, save the wp-config.php file. Login in to your cPanel account, go back to the File Manager and delete the old wp-config.php file and replace it by uploading it into the public_html folder with the present wp-config.php file that you just edited.

Note:

Before editing the wp-config.php file, it’s recommended to take a backup of your website using a tool like CodeGuard Backup. Henceforth, if anything goes wrong and your website stops working or creates an issue, you have an old working version of your website ready.

What Is wp-config.php File?

Wp-config.php file is a configuration file that’s part of all the self-hosted WordPress websites. Unlike other WordPress files, it doesn’t come built-in with WordPress, but it’s generated explicitly for the website during the installation process.

creating wp config

WordPress stores information of your website database within the wp-config.php file. Therefore, if anything goes wrong with this wp-config.php file, or if the wp-config.php file doesn’t have your WordPress website information, your site will stop working and instead generate an error.

Wrapping Up

Having an SSL certificate is a must, but sometimes your website creates an issue and fails to load on HTTPS even after installing an SSL/TLS certificate. Therefore, it’s recommended that once you install an SSL certificate, you edit your wp-config.php file and change the settings by adding FORCE_SSL_LOGIN and FORCE_SSL_ADMIN code. Then your Login and Admin panel will load forcefully on a secure HTTPS connection.

 

Related posts:

  1. How to Install an SSL Certificate in Your WordPress Site That’s Hosted on SiteGround Quickly
  2. How to Redirect HTTP to HTTPS in .htaccess for a WordPress Website
  3. How to Fix the ERR_SSL_PROTOCOL_ERROR in Your WordPress Website Instantly
  4. How to Change Your WordPress Website from HTTP to HTTPS
  5. 5 Best HTTP to HTTPS WordPress Plugins to Consider
  6. How to Install an SSL Certificate in WordPress Site Hosted on BlueHost
  7. How to Install an SSL Certificate to WordPress Site Hosted on Nginx Server
  8. Best SSL Certificates for WordPress From a Globally Trusted CA
This entry was posted in WordPress and tagged protect wordpress login panel with ssl by casey.crane. Bookmark the permalink.

Site Reviews

View All SSL Reviews

Petar N.Feb. 2025

Rating

"Excellent platform with a wide selection of solutions suitable just for you here you can find the right certificate just for your purposes and at the best prices. The support is very good. I highly recommend cheapsslsecurity.com to anyone who needs a certificate."

Raed NeshiewatFeb. 2025

Rating

"Very fast delivery. Installation was easy with no problems. If you are installing a wildcard SSL certificate on cPanel, you need to specify the actual domain name, don't try to install it on *.domain.com , you have to install it on each subdomain such as admin.domain.com, shop.domain.com,..etc. Use the same certificate for each subdomain you install. Good luck!"

Connect with us:

  • Facebook
  • Twitter

99.9% Browser Support:

Browsers

We Accept:

Payment
Thawte

Fastest and cheapest way to secure your domain within minutes.

from $8.95/yr
View All Certificates
FastSSL

SSL security at its finest without compromise.

from $5.50/yr
View All Certificates
Comodo

Get the cheapest prices on a flexible SSL solution from a trusted brand.

from $5.45/yr
View All Certificates
Thawte

SSL & code signing solutions at the lowest & best price.

from $29.17/yr
View All Certificates
TrustedSite Verified Site Seal
Customer Reviews

SSL Brands

  • RapidSSL
  • Comodo
  • Sectigo
  • GeoTrust
  • Thawte
  • DigiCert

SSL Products

  • Extended Validation
  • Wildcard Certificates
  • Organization Validation
  • Multi-Domain SSL
  • SAN SSL Certificates
  • UCC SSL Certificates
  • Domain Validation
  • Code Signing
  • Renew SSL
  • WordPress SSL

Support

  • SSL Resource
  • Knowledge Base
  • Sitemap
  • SSL Tools
  • SSL Comparison
  • FacebookFacebook
  • TwitterTwitter

Contact Us

  • Contact Us
  • Low Price Guarantee
  • Why So Cheap?
  • FAQ

© 2026 Web Security Solutions, LLC. All Rights Reserved.

  • Refund Policy
  • Privacy Policy
  • Cookie Consent
  • Disclaimer