... there's always a but
This is a bit stupid. I'm starting to understand how this works but not quite yet
Although Wordpress has everything admin below
/wp-admin/ (which we are now securing), the
login and
registering procedures files are on the
web root (/) so those even more important communications are not encrypted at all. And this is a silly way of using SSL
So I should also make the following files roll under HTTPS but I think I can't yet grasp the thing
- wp-activate.php
- wp-login.php
- getablog.php (which is just a symlink to wp-signup.php)
- wp-signup.php
- wp-valid.php
If you can still help
The book... do you know of one *good* about mod_rewrite and the rest and that you could recomend?
Well! You don't have a wishlist so I thank you this way:
THANK YOU!
Best,
Lopo