Force SSL
For those will an SSL certificate, the Force SSL plugin for Wordpress forces for an HTTPS connection for security purposes. This is useful for those who with to enforce a higher level of security regarding the delivery of Wordpress content to the browser.
This plugin works by redirecting any requests for pages via plain old http into requests for pages via https. This means that someone can't just remove the "s" from "https" and get their content from outside of a secure SSL connection. It's that simple.
You can read about the general technique on the announcement page, but here's the code snippet that does all the work, in case you're looking to implement this outside of Wordpress:
if($_SERVER["HTTPS"] != "on") {
$newurl = "https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
header("Location: $newurl");
exit();
}Download
Download the Force SSL plugin »
Installation
This plugin requires that you already have an SSL certificate purchased and installed on your site. If you can't browse your site by using a URL similar to "https://www.example.com/" - note the s after the "http" - then this plugin is not for you.
First, set your Wordpress address and Blog address to being with https, if you haven't done so already.
Then, download the plugin by saving the file above, and then renaming it to secure-files.php. You shouldn't need to rename the file if you downloaded the zip file.
Finally, upload the plugin to your /wp-content/plugins/ folder and activate it on the Plugins page. You're all set!
Support
Comments? Questions? Please visit our Forum »