dont know yet what a hook is, but thanx anyway :)
i'll look up for the plugin you said.
If spam is your problem, why don't you try this plugin:
http://community.elgg.org/pg/plugins/project/774755/developer/RayJ/spam-login-filter
It took away 99% of my spam and that 1% can be reported so it won't bother other forums using the stopforumspam.
Regards,
Rafael
Sorry I thought you meant you had already setup the ssl on the server.
I've always thought the login-only https feature was a bit strange. It's simpler to just make the entire site https and then redirect http to https using mod rewrite. In this case it's all server config; you wouldn't need to change anything on the Elgg side.
https login only is important for those sites that want the security for the log in but not the server load for encrypting all the pages.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.