Using WordPress ‘force_ssl_admin()’ PHP function

The force_ssl_admin() WordPress PHP function is used to determine whether to enforce SSL (Secure Sockets Layer) on the Administration Screens.

Usage

Here’s a simple usage example:

if ( force_ssl_admin() ) {
  echo 'Administration should be performed over SSL';
}

And here’s how you can change the return value:

force_ssl_admin(true);

if ( force_ssl_admin() ) {
  echo 'Administration should be performed over SSL';
} else {
  echo 'This code will never execute';
}

force_ssl_admin(false);

if ( force_ssl_admin() ) {
  echo 'This code will never execute';
} else {
  echo 'Administration should NOT be performed over SSL';
}

Parameters

  • $force (string|bool) (Optional) Whether to enforce SSL in admin screens. Default: null

More information

See WordPress Developer Resources: force_ssl_admin()

This function was introduced in WordPress version 2.6.0 and it’s not deprecated.

Examples

Changing SSL preference

This will first set the administration screens to use SSL, then it will revert it back:

// Enforce SSL
force_ssl_admin(true);
echo 'SSL is enforced.';

// Stop enforcing SSL
force_ssl_admin(false);
echo 'SSL is not enforced.';

Checking SSL preference

This code will check whether SSL is enforced for admin screens:

if (force_ssl_admin()) {
  echo 'SSL is enforced.';
} else {
  echo 'SSL is not enforced.';
}

Reverting to default SSL state

The following code will reset SSL enforcement to its default state:

force_ssl_admin(FORCE_SSL_ADMIN);
echo 'SSL state has been reset to default.';

Enforcing SSL and checking state

This example enforces SSL and then checks if it was successful:

// Enforce SSL
force_ssl_admin(true);

// Check SSL state
if (force_ssl_admin()) {
  echo 'Successfully enforced SSL.';
} else {
  echo 'Failed to enforce SSL.';
}

Disabling SSL and checking state

This example disables SSL and then checks if it was successful:

// Disable SSL
force_ssl_admin(false);

// Check SSL state
if (force_ssl_admin()) {
  echo 'Failed to disable SSL.';
} else {
  echo 'Successfully disabled SSL.';
}