Today I had to secure a BuddyPress site with a standard SSL certificate.

Adding define(‘FORCE_SSL_ADMIN’, true); to your wp-config.php file will get you most of the way there. This simple step will secure your wp-admin and wp-login.php pages, but it will not secure the BuddyPress end of things.

To force SSL on BuddyPress member, group, forum, and registration pages, you need to add the following to your .htaccess file:

#Force BuddyPress member, group, forum, and registration pages to use SSL - via http://codex.wordpress.org/Administration_Over_SSL
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^/?(members/|groups/|forums/|register/) https://yourdomain.com%{REQUEST_URI}%{QUERY_STRING} [R=301,QSA,L]

(Make sure to change “https://yourdomain.com” to your actual url.)

I pretty much suck at .htaccess tricks, so let me know if you know a better way to pull this off. ūüôā

Check out the SSL page in the WordPress Codex for more info.


We love to communicate: phone, email, text, Facebook, Twitter, LinkedIn, you name it.




Enroll in Our Free Beginner WordPress Class - delivered to your Email Inbox!

Become a WordPress superstar for FREE in only minutes a day!  Our free Beginner WordPress Email Class will be delivered to your inbox!

Learn More 

You Have Successfully Enrolled! Prepare For Amazing!