https和http根文档目录不同时,如何设置用https访问WordPress后台

标题好长,一口气喘不过来。

WordPress后台设置https登录,貌似安全很多,通过在wp-config.php添加以下代码实现。

define(‘FORCE_SSL_ADMIN’,true);

在WordPress官方文档也提到在http和https两个虚拟主机里分别设置一个地址相同的链接:

Sometimes, you want your whole wp-admin to run over a secure connection using the https protocol. Conceptually, the procedure works like this:

Set up two virtual hosts with the same url (the blog url), one secure, the other not.
On the secure virtual host, set up a rewrite rule that shuttles all non-wp-admin traffic to the insecure site.
On the insecure virtual host, set up a rewrite rule that shuttles all traffic to wp-admin to the secure host.
Put in a filter (via a plugin) that filters the links in wp-admin so that once activated, administrative links are rewritten to use https and that edits cookies to work only over encrypted connections.

不想开启全站https,同时http和https在不同目录时,用rewrite转来转去实在麻烦。

其实通过Apache别名可以简单搞定,在https虚拟主机里写入如下代码:

Alias /blogurl /pathto/http/blogurl

这样,两个虚拟主机使用的是同一个目录,还可以避免插件、主题、上传文档各种不同步问题。
前面的/blogurl指的是https WordPress目录,这是一个虚拟目录,物理上不存在的。后面的/blogurl代表物理存在的http WordPress目录

不知道还有什么没发现的问题?

参考:https://codex.wordpress.org/Administration_Over_SSL

Tagged , , .

发表评论

电子邮件地址不会被公开。 必填项已用*标注