Upgrade Wordpress 2.0.x to 2.1; enable secure admininistration
To enable secure login and other administrative functions over SSL in WordPress, the latest version, 2.1, in conjunction with a plugin, provides a easy method of securing WordPress credentials. Here’s how I upgraded from Wordpress 2.0 to 2.1 on a server running Apache 1.3.x on Slackware 10.0.
- Create two virtual hosts with identical names and
DocumentRoots, one running under SSL and one running regular http (i.e. add SSL virtual host to/etc/apache/mod_ssl.confand regular virtual host to/etc/apache/httpd.conf). - Follow WordPress upgrade procedures; install and activate plugin.
- Backup local wordpress files, e.g.
tar cfjv packed_files.tbz2 /directoryToPack - Backup database (using plugin or otherwise).
- Disable plugins.
- Get latest Wordpress; download, unzip, overwrite files.
- Test (if it doesn’t work, restore your files from backup and stop here)
- If it works, update plugins as needed.
- Reactivate plugins and test, one by one.
- Download, install and activate a copy of the WordPress Secure-Admin SSL Plugin from haris.tv. The version from wp-plugins.org contains a bug that was fixed on haris.tv. Thank you, Haris!
- Backup local wordpress files, e.g.
There is no currently working “official” Secure-Admin plugin.
The one that is currently in the repository that you have linked to (and labelled ‘more official’) is the faulty one I originally downloaded and fixed (patched).
Haris
Comment by Haris — February 5, 2007 @ 5:38 pm