id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
18680	Make SSL login-only possible (while leaving admin unencrypted)	multimule		"There are two options to be set in wp-config.php to enforce secure connections.

With the following configuration, the login AND the backend will be done via SSL:
{{{
define( 'FORCE_SSL_ADMIN', false ); // or true
define( 'FORCE_SSL_LOGIN', true );  // or false
}}}
As those are 'FORCE' parameters, one might consider it correct that, even though one is set to 'false', both will be via HTTPS.

However, WordPress is currently missing an option to have ONLY the login data sent encrypted and go on to the admin interface via a normal (non-encrypted) connection. That scenario requires additional redirections on the webserver."	enhancement	new	normal	Awaiting Review	General	3.2.1	normal		reporter-feedback	johnbillion@…