Recently, I ran into an issue when trying to migrate an existing WordPress website to start using HTTPS, especially in the admin area. Even after migrating everything in the database over to use HTTPS, I ran into a 302 redirect issue when trying to log in.
NOTE: make sure an SSL certificate is configured for the site, or you’ll receive an invalid certificate error.
Add the following to your wp-config.php file at the very top (if you don’t add to top, you’ll run into yet another issue where your users will not have permissions to access anything in admin):
<?php<br><br>define('FORCE_SSL_ADMIN', true);<br><br>// in some setups HTTP_X_FORWARDED_PROTO might contain <br>// a comma-separated list e.g. http,https<br>// so check for https existence<br>if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)<br> $_SERVER['HTTPS']='on';<br><br><br>...
With this in place, you’ll see when you go into the administration area, you’ll always be redirected to use HTTPS.