Geek Flare

Learn Web Security, Cloud Computing, Middleware, Blogging

Disable SSL if locked out WordPress with WP Security Plugin

By Chandan Kumar in WordPress August 6, 2016

Geek Flare Blog post is sponsored by Netsparker Web Application Security Scanner.

Over the weekend, I implemented SSL through Cloud Flare and configured WP Security plugin to have SSL on a front end and admin dashboard.

wp-security-ssl-settings

It was all ok until I decided to disable the WP Security plugin for the time being to troubleshoot my Thrive Leads issue. My WordPress admin dashboard was locked out and giving “Redirect lookup” error.

The front end was giving problem too but I was able to make my website operational by removing HTTP to https redirection. But this didn’t work for admin dashboard.

If you are having a similar situation then not to worry, here is how you can escape this issue.

As usual, don’t forget to take a backup of existing configuration, which you will be modifying shortly.

  • Login to your server (if you are on shared hosting then it would be your cPanel)
  • Go to htdocs or root location of your WordPress website
  • Edit wp-config.php
  • You will notice following two lines where SSL is defined as true
// iThemes Security Config Details: 2
define( 'FORCE_SSL_LOGIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard
define( 'FORCE_SSL_ADMIN', true ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard
// END iThemes Security - Do not modify or remove this line
  • Change that true to false so it should be like below.
// iThemes Security Config Details: 2
define( 'FORCE_SSL_LOGIN', false ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard
define( 'FORCE_SSL_ADMIN', false ); // Force SSL for Dashboard - Security > Settings > Secure Socket Layers (SSL) > SSL for Dashboard
// END iThemes Security - Do not modify or remove this line

That’s all. Try to access to your admin dashboard and it should be ok.

Share
Tweet
Pocket
Buffer

Chandan Kumar

Chandan Kumar is the founder of Geek Flare. He loves to share his knowledge to help others. Connect with him on Twitter and LinkedIn.
show more articles from Chandan Kumar

3 ways to be in touch.

Subscribe in Facebook Messenger

Enjoy reading so far? Don't miss out the latest article. Get them in your email, Facebook or Twitter. 

Reader Interactions

Comments

  1. Antal says

    Hi Bernhard,

    I have a huge problem with iTheme Security. Enabled SSL and have been completely locked out of my website.
    As you probably figured by now, I am not an experienced WP user. Could you help me with this issue?
    I contacted iTheme Security, but had no response yet.

    I tried the modification you suggested, but didn’t sort out the issue.

    Site is still unavailable: “HTTP ERROR 500” Nor can I access it from back end.

    Your help would be greatly appreciated.

    Best regards,
    Antal

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Kinsta Managed WP Hosting

Founded by Chandan Kumar | © Geek Flare LLP · 2015-2018

Share
Tweet
Pocket
Buffer