Update: With the help of “mvied” we were able to get WordPress HTTPS to solve this issue. Version 1.9 supports Shared SSL and Shared SSL Admin. There is a nagging bug with cookies, but “mvied” is extremely helpful, and even took the time to login to my site, and muck with the plugin code to fix some annoying, but not show-stopping bugs with certain images not loading in WP-Admin. The thread where the public part of the discussion happened is here.
Since switching on Cloudflare on my site, I’ve been forced to disable SSL administration since CF won’t proxy SSL unless you pay for it. So, I’ve been searching for some way to have wp-admin and wp-login re-direct to a different subdomain (like ssl.staze.org) for administration functions. Unfortunately, there doesn’t seem to be any way to get this to work.
This page on wordpress.org seems to indicate it’s possible, but looking around online, and trying everything listed yields no successful results.
My hope is that I’ll find something, and post back here how it’s done, since information is scarce. If anyone knows how this is done, please contact me. I hate not having SSL enabled since I don’t feel comfortable using the iOS apps to post, or logging into my site from elsewhere in the world.
Josh says
Hi there, sorry to hijack this post for another topic, but I can’t seem to find a way to contact you. I saw your post at http://www.staze.org/wordpress-admin-ssl-subdomain and is in the same boat as you: shifted to cloudflare and now find myself without SSL. I’m a cheapskate and I’d rather not pay if I can help it. How is your experience with WordPress HTTPS plugin? Are you still using it to login to wp-admin via a HTTPS subdomain? Any advice for someone who’s new to it? Thanks a bunch!
staze says
Hey Josh,
Just moved the comment to the right post.
Anyway, no, I don’t use it anymore, but by and large I was very happy with the WordPress HTTPS plugin. You just have to set up a subdomain in CloudFlare that doesn’t use their caching, configure your webserver to serve that subdomain from the same wordpress directory as your main domain, and then set up WordPress HTTPS. It should, theoretically, just work. But I got a lot of good responses and help from “mvied” (the WordPress HTTPS author) when things didn’t work quite right. So, give it a go. Let me know!
staze says
Oh, and thanks for the reminder… I really need to get a contact form up. =)