WordPress 3.7.1
Better Wp Security 3.6.5
When enforcing ssl on a page, initially, the URL does display as https – but when trying to visit other pages on the site – they all try to load as https and do not revert to http, breaking the site.
I have the same behavior on my site. It shouldn’t: if the site is protected by SSL certificate, even WP “public” pages should be accessible through https. I haven’t figured out who is the culprit, WP, Better WP Security or the site server.
So in the meantime, I use this:
/**
* Always use http for public pages, even if the requested page
* is "SSL Enabled" (see Better WP Security's SSL on demand)
* Note. Needed as any attempt to access a public page with https url
* will fail. Don't know if it's a Better WP Security issue or
* a One.com server issue.
*/
function cce4_public_home_url($url, $path, $orig_scheme, $blog_id) {
global $post, $bwps, $bwpsoptions;
$scheme = parse_url( $url, PHP_URL_SCHEME ) === 'https';
$scheme &= ! is_admin();
$scheme &= 'wp-login.php' !== $GLOBALS['pagenow'];
if ( $scheme ) {
$url = set_url_scheme( $url, 'http' );
}
return $url;
}
add_filter('home_url', 'cce4_public_home_url', 4);
You need to set up your .htaccess files as usual. No special trick is required.
This will reverse the protocol for links to public pages but will keep https for the resources links, avoiding any SSL warning (“no data from the site”).
Thanks for that atao – but I solved my issue.
I have to think back now (it was quite some time ago) but I’m pretty sure that the problem was being caused by my caching plugin (Quickcache) at the time.
Amending the cache configuration and disabling and re-enabling the caching plugin afterwards did the trick as I recall – and Better WP Security then worked as expected to secure the single page.
I now use Quickcache Pro (which is great by the way), PHP 5.4 and the latest Better WP Security under WP 3.8.1 and everything is working as it should.
Thanks for your time in sharing your own solution.
