[Plugin: WordPress HTTPS (SSL)] Preventing users from loging in to WordPress.

I rolled back to 3.0, and can now get into Dashboard. But my site no longer shows the green lock, just the nasty red slash through the HTTPS. I don’t know if this is a problem on my end, or a result of deactivating 3.0.1 and rolling back. When I check Force SSL Exclusively in my HTTPS Settings, I get the message SSL Admin – FORCE_SSL_ADMIN and FORCE_SSL_LOGIN can not be set to true in your wp-config.php.

Do I need to edit wp-config.php, and if so, what do I add or delete?

I loved this plugin when using 3.0 previously, and want it to work again. Will upgrade to 3.0.1 when the admin login bug is fixed.

Hey sbrittig,

A lot of people say their users “can’t login” but that doesn’t tell me anything. What’s happening? Why can’t they log in?

Remove define('FORCE_SSL_ADMIN', true); and/or define('FORCE_SSL_LOGIN', true);

Thanks,
Mike

I’m not sure why I couldn’t log in. What happened: I brought up log in page for WP admin after upgrade of plugin, my username and password were saved and auto-entered. I hit submit to log on, but the page refreshed with my username and password blanked out. I manually typed in both, hit submit, and the same refreshing and blanking out of fields occurred. It simply would not recognize my log in info. After deactivating and reinstalling 3.0, the login worked again. Wish I could be of more help here.

Thanks for the instructions on code editing–Worked, and my site is showing secure again!

Mvied,
Well, I had to uninstall the plugin so my users could access content. I gave the only description I had about it not working prior to that: it showed mixed content (secured and unsecured), the same issue sbrittig described. It wasn’t a big deal at the time; I don’t have a ton of user and there is no personal data stored in their accounts. I was a bit hasty in stating I wouldn’t re-install it as it did work for the most part. I’ll keep up with your updates and try to give you some more information on what exactly wasn’t working.
Thanks.

Hey all,

I’ve fixed a number of issues and have released 3.0.3. Please update and let me know if you have any issues. Please start a new topic with any issues.

Thanks,
Mike

3.0.3 is now in use on my test environments and no problems so far. Rolling it to production use soon after.

On additional question though: Could WordPress HTTPS be made to support Login With AJAX so that its widget would submit the form via HTTPS when force HTTPS administration is checked?

Another thing I thought is that would it make sense to have separate options for forcing HTTPS administration and forcing HTTPS login? On a site where there is only a HTTPS certificate that displays an error message on most browsers, but is otherwise perfectly usable, it might be in the administrators’ interests to protect the administration of the site without troubling the casual users with scary error messages.

After updating a production site and syncing a replica of it to be a test site, the test site doesn’t work. I noticed that the value of ‘wordpress-https_ssl_host’ in the database now has a trailing slash.

For anyone with a similar test site replication setup knowing of this change saves time. Without updateing the replication script wp-login.php of the test site will redirect to the production site preventing logging in to the test site.

Apart from this 3.0.3 works in my environment great exactly the same way 3.0.2 does. Thanks!

I GOT IT WORKING.

you must follow these exact instructions:

BEFORE upgrading:

Reset your settings in WP-HTTPS
Go to plugins > deactivate WP-HTTPS
Delete WP-HTTPS (delete all files and data)
GO UPGRADE

Install fresh WP-HTTPS 3.0.3 and activate it.
Go to the admin > edit page that should be HTTPS encrypted in the admin
uncheck the “secure child post” (why is it checked by default?”)
check the “secure post”
go to HTTPS settings > check “Force SSL Exclusively”

If you upgraded and are already locked out of your admin, you will need to access your site via FTP and delete the plugin. Then install the old version zip file if you have it. Luckily I had the old version installed on another site so I FTP downloaded it and zipped it myself. then i uploaded the zipped old version into the plugin area and installed it that way.