This is a simple way to setup a secure login for WordPress. Simply editing “wp-login.php” and looking for:
/** Make sure that the WordPress bootstrap has run before continuing. */
require( dirname(__FILE__) . ‘/wp-load.php’ );
Add after that:
force_ssl_admin(true);
Now when accessing login and registration pages, the browser redirects to the secure version.
Edit,
After looking into “wp-settings.php” some more, I found the following setting:
if ( !defined(‘FORCE_SSL_ADMIN’) )
define(‘FORCE_SSL_ADMIN’, false);
Copying the define line to my “wp-config.php” and changing false to true has ensured this will work even if “wp-login.php” ever gets updated.