SSL and Cookies in WordPress 2.6 « Ryan Boren. Although originally written for WordPress 2.6, it is still valid. I had to do a bit of hacking, as my WordPress server is not directly connected to the network, but behind a firewall (iptables with DNAT helped), but now I have properly secured admin cookies and am better protected against WLAN sniffers at public hotspots. The WordPress idea is really nice - not 100% security, as with my login cookie comments can still be posted under my name, but at least the administration is protected. However, it conflicts with the Safer Cookies Plugin, which I previously used to at least pin my cookies to the IP. Additionally, there is a patch that has gone through 3.1 and enables securing the login cookie as well.