Now you know how to install SSL on a domain and how to implement it on your WordPress installation. A few days back a WordPress user emailed us saying that the majority of his website is not sensitive and also he has a resource limit so he only wants to enable SSL on his website login page and not on the rest of his website.
Using HTTPS i.e. a SSL certificate depends really on your needs. Likewise we have earlier discussed about SSL, it protects the transmission of sensitive information from the user to the web server.
Although enabling HTTPS site wide increases your security but it is fine if you just want to protect your website’s login page, admin area and payment pages with SSL because these are the weak sections of your website and it is more important to protect these sessions from hijacking attacks and firesheep etc.
Here’s how you can secure WordPress Login, Admin & Other Specific Pages With SSL:
If you are using the popular all in one purpose WordPress HTTPS (SSL) plugin then you can easily secure specific pages with SSL, we have already discussed about this here in this tutorial.
Or Alternatively, if you simply want to secure your login and admin area dashboard then go for Verve SSL plugin. The plugin is designed to set WordPress login and administration area to use HTTPS (SSL Certificate).
And when the user logs out from your website, the script again works and reverts back your website to HTTP automatically. The plugin enables SSL security for entire logged in session which means the plugin activates HTTPS even on frontend, for logged-in website users.
It works automatically and uses PHP only (no JavaScript). Also it automatically removes insecure content and updates it to secure while the user is logged in.
SSL for Logged In Users is another good plugin that forces all logged in website users to stay on HTTPS, SSL connection. Whereas guests are still served with http. All you need to do is simply install and activate the plugin and that’s it.