How To Secure BuddyPress with SSL

Today I had to secure a BuddyPress site with a standard SSL certificate.

Adding define(‘FORCE_SSL_ADMIN’, true); to your wp-config.php file will get you most of the way there. This simple step will secure your wp-admin and wp-login.php pages, but it will not secure the BuddyPress end of things.

To force SSL on BuddyPress member, group, forum, and registration pages, you need to add the following to your .htaccess file:

#Force BuddyPress member, group, forum, and registration pages to use SSL - via http://codex.wordpress.org/Administration_Over_SSL
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^/?(members/|groups/|forums/|register/) https://yourdomain.com%{REQUEST_URI}%{QUERY_STRING} [R=301,QSA,L]

(Make sure to change “https://yourdomain.com” to your actual url.)

I pretty much suck at .htaccess tricks, so let me know if you know a better way to pull this off. 🙂

Check out the SSL page in the WordPress Codex for more info.

Posted in ,

The Mighty Mo! Design Co.

RSS From Toby’s Blog

  • Where uncertainty exists, don’t order specific.
    4 Idiot Case Studies with 2 simple age-old business lessons. The post Where uncertainty exists, don’t order specific. appeared first on Toby Cryns, WordPress Trainer in Minneapolis, MN.
  • “Now THAT was a good meeting!”
    A single effective meeting can change the course of history for a company. Imagine if you could lead effective meetings EVERY DAY! You can, but it takes curiosity & practice. This article is a good place to start your journey to a more effective you. The post “Now THAT was a good meeting!” appeared first […]
  • Never Respond to RFPs & Custom Proposal Requests
    Y'all who work at normal 9-5 jobs don't need to deal with the B.S. that is an RFP process (or rather you get paid to deal with it). But us freelancers gotta deal with a whole big bag of schtuff when it comes to custom proposals. Here's my quick-and-dirty RFP filtering process that I use […]

More posts from themightymo.com

How to merge two folders, including all sub-folders and files, on Mac

By The Mighty Mo! Design Co. | November 3, 2022

Today I had an issue where I needed to merge two folders, each of which contained many sub- and sub-sub folders that had lots of images. After a lot of trial-and-error and some Googling, I found the best solution is to use the “ditto” command in Terminal like this: That’s it! Hat tip to AppleInsider.

mailchimp usage stats

Some Surprising Trends in Website Development

By Toby Cryns | October 17, 2022

I wasted some time today to bring you (dum dum duuuuum!): Some Surprising Trends in Website Development!

How to Configure WordPress with Cloudflare, HSTS, TLS, and Secure Headers

By The Mighty Mo! Design Co. | October 11, 2022

I was recently asked to look into creating some secure http headers as well as forcing a website to load over TLS1.2+. Below are my “how to” instructions for updating these settings within WordPress and Cloudflare. Install & Configure the Cloudflare WordPress plugin. Make sure an SSL Certificate is installed on your host for your…

RSS From Toby’s Blog

  • Where uncertainty exists, don’t order specific.
    4 Idiot Case Studies with 2 simple age-old business lessons. The post Where uncertainty exists, don’t order specific. appeared first on Toby Cryns, WordPress Trainer in Minneapolis, MN.
  • “Now THAT was a good meeting!”
    A single effective meeting can change the course of history for a company. Imagine if you could lead effective meetings EVERY DAY! You can, but it takes curiosity & practice. This article is a good place to start your journey to a more effective you. The post “Now THAT was a good meeting!” appeared first […]
  • Never Respond to RFPs & Custom Proposal Requests
    Y'all who work at normal 9-5 jobs don't need to deal with the B.S. that is an RFP process (or rather you get paid to deal with it). But us freelancers gotta deal with a whole big bag of schtuff when it comes to custom proposals. Here's my quick-and-dirty RFP filtering process that I use […]