Secures the backend AND the frontend with ssl when you are logged in. If a user logs in and calls a http site you will be redirected to the equivalent https site. You do not have to manually define FORCE_SSL_ADMIN
in the wp-config.php
. The authentication cookies will be ssl secured.
There is no protection against ssl leaks. If you follow a http link, a men in the middle could, for example, see which site you enter.
But he cannot steal your login session! 😀