Ok, undo what you did to the wp-login.php file. You should *never* modify a core file like, and the Codex documentation does not tell you do that.
Instead, add *only* this line to *only* your wp-config.php file:
define('FORCE_SSL_ADMIN', true);
See https://codex.ww.wp.xz.cn/Administration_Over_SSL#To_Force_SSL_Logins_and_SSL_Admin_Access for details.
Thanks James.
I have reverted changes added in wp-login.php.
Also I have added above setting in wp-config.php file. But still my wp-login.php doent redirect me to https version of login.
Do I have to add any other setting?
please advice.
Would you please give us a link to the affected site?
Are you using any other plugins that modify HTTPS or your login system?
Why do you have two login URLs?
Do you have two separate WordPress installations in subdirectories of each other, or is this a single multisite installation?
Hi James.. I work with Sarika. There are 2 logins because there are 2 installations on the domain.
Initially there was a WP install at /blog/. Later we built some public pages using WP. Hence the 2nd login
Ok, that might be the problem. It’s generally not recommended to have two installations underneath each other. Permalinks won’t work right, as well as other bits.
I recommend moving the second to a subdomain, like blog.mlmleads.com
If you want to do that, follow this guide for that: https://codex.ww.wp.xz.cn/Moving_WordPress#Changing_Your_Domain_Name_and_URLs
Given the amount of things that can go wrong when an installation is under another, your current issue is pretty much going to be impossible to troubleshoot further.
Hi James, moving the blog would not be something I would ideally want to pursue as the site is ranked #1 at google for our keyword sets. And there are 9 years of posts there. Permalinks work fine. There have been no issues running the 2. We’re pursuing this issue due to PCI compliance for credit card processing on the domain.
Additionally since you’re not certain that the 2 installations are the issue, I can’t see moving the blog installs just to find out whether that’s the issue or not.
It’s not intuitive to me that the 2 installs would cause a conflict. Each should ideally operate as their own install just as an install on domain1 should operate independent of that on domain2.
Is there some other way we can force the login to redirect to https? Any other method?
define('FORCE_SSL_ADMIN', true); is supposed to work, I have never encountered a situation where it doesn’t without some sort of outside, third-party, or doing-it-wrong™ influence. WordPress is just designed for define('FORCE_SSL_ADMIN', true); to work.
There is a slim chance that using the https://ww.wp.xz.cn/plugins/wordpress-https/ plugin may work. I have seen it miraculously work on sites that just can’t be done the-right-way™, but I have also seen it break practically everything.
As long as you have two instances of WordPress installed under themselves on the same domain, you will run into problems. I’m honestly surprised this is the first time you’ve encountered any.
