SSL

2.3.10 release

As WordPress 4.6 was due to release today, I was planning to release the new version of Really Simple SSL as well. No really big changes, but ‘ll list them here for reference (of course they’re also in the readme.txt)

  • Tested for 4.6.
  • I changed the check for the .htaccess redirect from checking the RSSSL comments to checking the redirect rule itself, which is a bit more precise. It is possible therefore that you now start seeing a notification which you didn’t see before about this.
  • The .htaccess not writable message was show even before the SSL was enabled. I’ve changed it, as it would seem a bit strange.
  • I noticed more and more people having issues with forms with remote endpoints: a form pointing to a different domain. This can cause mixed content issues, so I’ve added a regex to replace those urls to https too.
  • A user reported that in Multisite, in case you are using the per page setup, the “view site” url is https, even if the site is not on SSL. It appears that the get_admin_url returns an https url always. So I’ve added a filter for get_admin_url() that replaces it back to http when the site is not on SSL.

Having ideas or suggestions? Let me know!

 

Related Articles

  • Really Simple SSL 2.3.8

    Some small but important tweaks were added to the latest release of 2.3.8. In previous versions, javascript was used as fallback when .htaccess redirects were not possible. A much better...
  • Version 2.2 released

    Yesterday the new version was released. With support for per site activation on WordPress multisite, easy uninstall option, and even less overhead on the front-end, which was pretty good already...
  • Really Simple SSL 2.4 released

    Today the 2.4 version is released. The mixed content fixer has been rebuilt, which should make it work in almost all situations. The marker which makes it possible for the...
  • Secure cookies with HttpOnly, secure and use_only_cookies

    Since version 2.0.2, Really Simple SSL pro and Really Simple SSL pro multisite contain a new feature which enables setting secure cookies by default. It uses the HttpOnly, secure and...