Opened 3 years ago
#42833 new defect (bug)
Wordpress forces non-ssl login in described circumstance even though FORCE_SSL_ADMIN is set in wp-config
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 4.9.1 |
Component: | Administration | Keywords: | |
Focuses: | Cc: |
Description
Wordpress provides an http login page in this circumstance:
- Put the following in wp-config.php: define('FORCE_SSL_ADMIN', true);
- Log into your Wordpress site via wp-login.php with an admin login.
- Click Visit Site (home icon) at the top of the page.
- Open a new brower tab.
- Log into your Wordpress site in the new tab via wp-login.php.
- Go back to previous tab.
- Click on Edit Page.
It then displays the login box with http instead of https. (Ideally it would not require a new login at all, but instead would use the session from the new tab.)
Note: See
TracTickets for help on using
tickets.