http://felipe1982.com is the site hosted by HM. I have already configured a SSL cert for it (free one, not paid, just self-signed). I'd like it to work on my Wordpress blog, but it seems to fail. https://www.felipe1982.com/photos is an example of what happens. The URL gets mangled and "~felipeo1" my HM username gets stuck in the middle.

What I want to do is encrypt the admin login session. I have NO other users on the blog, just me. I am not comfortable with plain text logins.

I read up on some of the available plugins to solve this sort of thing, but I was wondering if somebody has any previous experience with this, to avoid me making some serious and terrible mistakes to my blog (i don't really quite trust WP plugins too much. I have a few adsense ones installed, because I see them causing no harm.)

Relevant plugins found:
http://wordpress.org/extend/plugins/force-ssl/
http://wordpress.org/extend/plugins/admin-ssl-secure-admin/
http://wordpress.org/extend/plugins/secure-admin/
http://wordpress.org/extend/plugins/login-encryption/

when you use hm free ssl you are accessing your page through https://secure.hostmonster.com/~yourusername

that is still showing the contents of your public_html directory

for example if you typed http://www.hostmonster.com/~yourusername it would redirect you to the page above

so if you had a wp in a subfolder of your public_html named wp the address you would go to would be https://secure.hostmonster.com/~yourusername/wp

or for your example above https://secure.hostmonster.com/~yourusername/photos

and you will notice the certificate is signed for the domain hostmonster.com so it all works out

if the wp configuration file has a variable for https then change the value to reflect the new page or post back and we will go from there but i doubt it as i just looked at my wp-config.php file and theres nothin in it to establish a static http or https. it is very flexible

can I create my own SSL cert (on my own computer) and upload it for use on HM? Will this then be a cert for my own domain (felipe1982 dot com) and host HM's?

Without getting a CA-signed Cert, and a static IP address, what other way can I get https;//felipe1982.com to work for my domain, without showing my ~username in the URL?

you will have to get a dedicated ip if you want to use your own cert. i believe it is $2/month extra. if you are only using it for personal access i would just use the hm cert. its just as secure.

The HM one is just as secure. But does not work correctly with wordpress login page . Anything I can do about that?

It's doubtful. The reason is, I believe, that Wordpress (as well as Joomla!) take a configuration variable that sets the "home" url/directory for the site to work properly. All links, therefore, will be appended with this config variable, and if the url changes, say, to accomodate a secure page, then that page will most likely break.

In Joomla! there might be a way around this, but I haven't looked too closely at it as I don't have the funds to purchase a dedicated IP address and/or a SSL cert to play with and give a definitive answer. I'm sure Falcon can probably answer this question in more detail as it concerns Wordpress.

~regards