The most concerning thing on Internet is the Security. Whether you are using Internet from home or working at an office, there is always the constant threat of hackers lurking around, trying to fish confidential information out from you. In WordPress, this confidential information is your administrator username and password. Once the hackers get hold of your login credential, they will be able to do what they want with your site, steal your members info (if you are using WordPress as a community site) and possibly bring down the whole site .
We have discussed plenty of tricks to secure WordPress, and enabling SSL encryption for your login session is yet another useful way to secure your blog.
If you are not aware, while using SSL encryption, all your data are encrypted before they are transmitted over the web. The encrypted data format data format makes it very difficult to be read by the other users.
To enable the SSL Security to your WordPress blog, you will need to have a SSL Certificate (consult your web host if you don’t have one) and then you can follow the below procedure to make it work with your blog.
- At first, Open your site directory either using cPanel File Manager or the FTP. I would recommend to use the File Manager instead of FTP.
- Once you reach the files directory of your WordPress installation, open the wp-config.php file.
- This is the WordPress configuration files and it is the most important in the whole WordPress system. After the file is opened, add the below code and save the file. You can add the code anywhere in the file, there’s no certain place for it.
/* Enable SSL Encryption */ define(‘FORCE_SSL_LOGIN’, true); define(‘FORCE_SSL_ADMIN’, true);
- From then on, your WordPress site Admin area will always load with the SSL Encryption. If your site domain is http://www.mydomain.com, it will load the admin area of the same with https://www.mydomain.com/wp-admin.
There are so many advantages of using the SSL for your site. The above process will force WordPress to use SSL encryption for the Administration area. It is not necessary to enable SSL encryption for the frontend (unless you are running a blog shop) since all the confidential information, like the Username and Passwords are used only in the Admin area, not anywhere else.
Image Credit: Reevoo.com