Insecure page if there are www. before on wp-login.php

mvied / wordpress-https

WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.

http://wordpress.org/extend/plugins/wordpress-https/

95 stars 41 forks source link

Insecure page if there are www. before on wp-login.php #47

Open PeopleInside opened 8 years ago

PeopleInside commented 8 years ago

Hi, admit the website with HTTPS active is https://website.com the log in page is https://website.com/wp/wp-login.php if here I edit in the bar browser the https to http and put www. before website.com and than press Enter the log in page is loaded without SSL.

Hope to see this plug in updated, is used by many people.

Also in the /wp-admin/ log in page if you replace https with http and add www. before the log in page is loaded without SSL.

PeopleInside commented 6 years ago

See https://wordpress.org/support/topic/insecure-admin-login/ maybe some details can be helpful.

09 March 2018: As this can take long time to be fixed I will add a fix on my side but issue still be present. Issue will be fixed on my website but not in this plugin