Force SSL : Does it work with NGINX ?

  • TWD

    (@twd)


    5 years, 2 months ago

    If the “Force SSL” options are enabled (for dashboard only OR including front end) is any ADDITIONAL action required to make this work in an NGINX environment?

Viewing 4 replies - 1 through 4 (of 4 total)
  • nlpro

    (@nlpro)

    5 years, 2 months ago

    No, it just adds either the line below to the wp-config.php file (Enabled):

    define( 'FORCE_SSL_ADMIN', true ); // Redirect All HTTP Page Requests to HTTPS - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    or (Advanced):

    define( 'FORCE_SSL_ADMIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    depending on the chosen option value.

    Nothing NGINX specific, as far as I can see.

    To prevent any confusion, I’m not iThemes.

    • This reply was modified 5 years, 2 months ago by nlpro.
    • This reply was modified 5 years, 2 months ago by nlpro.
    nlpro

    (@nlpro)

    5 years, 2 months ago

    That said, the use of the PHP php_sapi_name() function in the SSL module’s code may cause a specific error when using CLI. But again this is not NGINX specific, as far as I can see.

    More details about the CLI related error here.

    Thread Starter TWD

    (@twd)

    5 years, 2 months ago

    Out of curiosity, I don’t see the difference between the two:

    define( 'FORCE_SSL_ADMIN', true ); // Redirect All HTTP Page Requests to HTTPS - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    or (Advanced):

    define( 'FORCE_SSL_ADMIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard

    in both cases it is :
    define( 'FORCE_SSL_ADMIN', true );

    nlpro

    (@nlpro)

    5 years, 2 months ago

    Yes, I noticed too.

    It seems in the past there used to be a FORCE_SSL_LOGIN constant which was deprecated in WordPress version 4.0.

    Now the constant FORCE_SSL_ADMIN can be set to true in the wp-config.php file to force all logins and all admin sessions to happen over SSL.

    The iTSec plugin SSL PHP code will handle the difference based on plugin SSL settings persisted in the database (Enabled/Advanced);-)

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Force SSL : Does it work with NGINX ?’ is closed to new replies.