[wp-trac] [WordPress Trac] #18680: Make SSL login-only possible (while leaving admin unencrypted)
WordPress Trac
wp-trac at lists.automattic.com
Tue Sep 27 17:19:51 UTC 2011
#18680: Make SSL login-only possible (while leaving admin unencrypted)
-------------------------------+------------------------------
Reporter: multimule | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.2.1
Severity: normal | Resolution:
Keywords: reporter-feedback |
-------------------------------+------------------------------
Changes (by nacin):
* keywords: => reporter-feedback
Comment:
> However, WordPress is currently missing an option to have ONLY the login
data sent encrypted and go on to the admin interface via a normal (non-
encrypted) connection.
I can't reproduce this. FORCE_SSL_LOGIN (set to true) controls the login
data. FORCE_SSL_ADMIN controls the admin.
FORCE_SSL_ADMIN implies FORCE_SSL_LOGIN (if you lock down the admin, you
lock down login data) but the reverse isn't true. FORCE_SSL_LOGIN does not
make the admin https.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/18680#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list