Quite a while ago, I equipped my blog with an SSL certificate, so that access via HTTPS is optionally possible. To date, however, I have failed miserably in forcing the login and administration via HTTPS and leaving the blog accessible via HTTP. There are numerous articles on this and the changeover itself is also very easy, but I made a simple mistake, which is why the whole thing never worked.
Basically, only one line needs to be added to the wp-config.php file. This is also in the WordPress Codex and is very easy to find via Google. According to the instructions I have the line
added to my wp-config.php. Well, unfortunately nothing happened at all. I thought it was a stupid mistake and didn’t think anything of it at first. Instead, I just changed my bookmarks so that when accessing the WordPress admin, I just always went over HTTPS.
Nevertheless, it always bothered me that I sometimes had a “fallback” to HTTP during administration, so I had to look for the right configuration again. Behold, I did something wrong. I found the solution here: [resolved] FORCE_SSL_ADMIN/LOGIN not working? There someone describes exactly the same problem. So I wasn’t alone. The solution is very simple: The define parameter is allowed not at the end of wp-config.php but must be there as early as possible stand. Changed directly, service apache2 reload and finally it works as expected!