December 17, 2011

By Kevin

Comments Off on WordPress SSL Administration and Login

Categories: JavaScript, WordPress

Tags: ,

WordPress SSL Administration and Login

I wanted to configure my WordPress blog so that it would use SSL for the WordPress login and for the Administration Dashboard.  I found plugins that would achieve this for me but it would not redirect back to HTTP when not on the login page or the administration dashboard.

To accomplish this I wrote a script that checks the location.pathname to see if it matches the regular expression “.*wp-.*”. This way it will only find a match if on the login page or the administration dashboard. I then created the next script to use if you browse the site while logged in. It changed the protocol to HTTPS, I made it all work by putting the PHP script in the wp-config.php that checks if logged in and then calls the scripts.

Kevin

<script type="text/javascript" language="javascript">
var protocol = location.protocol;
var hostname = location.hostname;
var pathname = location.pathname;
var href = location.href;
var wpAdminMatch = location.pathname.match(".*wp-.*");
if (protocol == "http:" && pathname == wpAdminMatch) { protocol = "https:"; location.replace(protocol + "//" + hostname + pathname) }
else if (protocol == "https:" && pathname != wpAdminMatch) { protocol = "http:"; location.replace(protocol + "//" + hostname + pathname) };
</script>
<script type="text/javascript" language="javascript">
var protocol = location.protocol;
var hostname = location.hostname;
var pathname = location.pathname;
var href = location.href;
if (protocol == "http:" ) { protocol = "https:"; location.replace(protocol + "//" + hostname + pathname) } else { };
</script>
$current_user = wp_get_current_user();
$Path=$_SERVER['REQUEST_URI'];
$URI='http://www.kevinverver.com'.$Path;
$feed_url ='http://www.kevinverver.com/blog/feed/';
$feed_secure_url ='https://www.kevinverver.com/blog/feed/';
if (0 == $current_user->ID && $URI != $feed_url && $URI != $feed_secure_url) {
    echo '<script type="text/javascript" src="/blog/sslcheck.js"></script>';
}
else if ($URI != $feed_url && $URI != $feed_secure_url) {
     echo '<script type="text/javascript" src="/blog/ssllogin.js"></script>';
}