views:

55

answers:

3

Hello,

I have the requirement of running the Wordpress admin over https. We use a cdn to deliver cached content for the site but the cdn cannot accept secure traffic (only one SSL cert per IP allowed, and we run several sites off it). I cannot control redirects for httpS://www.mysite.com/.

I would like to have:

http://www.mysite.com/blog/
httpS://secure.mysite.com/blog/wp-admin/
httpS://secure.mysite.com/blog/wp-login.php

I have tried rewriting the urls as suggested in the article http://codex.wordpress.org/Administration_Over_SSL#Virtual_Hosts.

``Hypothetically, you could use a host with a different name, such as wpadmin.mysite.com''

Unfortunately trying this as suggested still sends me to httpS://www.mysite.com/blog/login.php.

# No matter what it redirects to the wrong subdomain for login.php
http://www.mysite.com/blog/wp-admin/
-> httpS://secure.mysite.com/blog/wp-admin/
-> httpS://www.mysite.com/blog/wp-login.php.

Also when directly going to the css files still link to the wrong url (httpS://www...)

The simple solution would have been to run the blog off http://blog.mysite.com/blog/. Unfortunately this has been tried and was decided against for SEO reasons.

Is there anyway Wordpress can do this?

+1  A: 

Not too sure if you have seen this article but it's pretty comprehensive when it comes to Wordpress Admin over SSL. Scroll down to the part about Virtual Hosts, and there is information there about setting up the wp-admin as a subdomain.

http://codex.wordpress.org/Administration_Over_SSL

Stoosh
Yep - I tried this. I've updated the question to reflect the problem I'm having with login.php.
CoffeeMonster
A: 

If you're using Apache to serve over SSL, look into mod_proxy.

Using it you can transparently redirect all requests from https://secure.mysite.com/blog/ to http://www.mysite.com/blog/.

sanmai
I am already running mod_proxy and doing exactly this. Unfortunately wordpress is forcing urls to `https://www.mysite.com/`.
CoffeeMonster
Check into `ProxyPreserveHost` directive. You need to switch it on. After that you need to add `ServerAlias secure.mysite.com` to the WP vhost config.As a last resort you can hack WP to do what you need. Googling reveals a number of HOWTOs.
sanmai