admin – PHP warning – Use of undefined constant ‘FORCE_SSL_LOGIN’ ‘FORCE_SSL_ADMIN’ on wp-config.php

I have a bothering PHP warning for ages, and I am wondering if someone has solution to this.
The following two-line warning is constantly recording in my error_log file:

PHP Warning:  Use of undefined constant ‘FORCE_SSL_LOGIN’ - assumed '‘FORCE_SSL_LOGIN’' (this will throw an Error in a future version of PHP) in /home/myuser/public_html/wp-config.php on line 92

PHP Warning:  Use of undefined constant ‘FORCE_SSL_ADMIN’ - assumed '‘FORCE_SSL_ADMIN’' (this will throw an Error in a future version of PHP) in /home/myuser/public_html/wp-config.php on line 93

In wp-config.php I have the following for line 92 and 93 lines:

define(‘FORCE_SSL_LOGIN’, true);
define(‘FORCE_SSL_ADMIN’, true);

line 91 is empty
and line 90 is define('WP_DEBUG', false);

More information:
My php version: 7.4.16;
Webserver: LiteSpeed;
cURL Version: 7.74.0 OpenSSL/1.1.1k.

I have this warning more than a year or two years and with different versions of phps

I am using the plug-in Really Simple SSL on my website as well and everything is fine with that.
I also use All-in-one security and firewall on my websites.

Deactivating of plug-ins didn’t help.
Any solution to this?

redirect – Is the default value of FORCE_SSL_ADMIN documented?

I got stuck for a while trying to understand how comes the site I’m managing performs HTTP to HTTPS redirection since:

  • I enabled SSL connection
  • I didn’t put a .htaccessfile
  • I didn’t set the FORCE_SSL_ADMIN constant in wp-config.php

Once I figured out the redirection was performed by WordPress and not the HTTP server, I ended up triying to do a massive grep -r 'FORCE_SSL_ADMIN' ./www, and I found this on default-constant.php (WordPress 5.7.2, line 328):

function wp_ssl_constants() {
     * @since 2.6.0
    if ( ! defined( 'FORCE_SSL_ADMIN' ) ) {
        if ( 'https' === parse_url( get_option( 'siteurl' ), PHP_URL_SCHEME ) ) {
            define( 'FORCE_SSL_ADMIN', true );
        } else {
            define( 'FORCE_SSL_ADMIN', false );
    /* (...) */

If I understand correctly, if the constant isn’t set and the siteurl entry (apparently the URL site value set in Setting page of the dashboard) begins is of scheme HTTPS://, then FORCE_SSL_ADMIN is set to true.

I may have wrongly searched, but what I found led me to think siteurl has to be set in order to let the redirection works, which is not the case.

Is this default behavior (redirection according to the site URL scheme) explained somewhere in the official documentation?


I have followed this advice of official documents to enforce SSL:

define('FORCE_SSL_ADMIN', true);
if (strpos($_SERVER('HTTP_X_FORWARDED_PROTO'), 'https') !== false)

WordPress runs in a Docker container. When it starts, they say

WARNING: The _SERVER variable is not set. By default, an empty string is used.

And the logs of WordPress show the following:

Fatal PHP Error: Assignments can only be assigned to writable values ​​in /var/www/html/wp-config.php

So _SERVER is the problem. How do I fix this?