Author: Leon Wimmenhoeve
How to fix blocked resources to domains without SSL certificate
If you have Really Simple Security Pro installed, you might get the warning that your site contains a reference to an external resource that cannot load over SSL. If this file is from a third-party service you are using, it’s best to contact the vendor and request if the service can be provided over SSL as well. If that is not possible, you can try the steps below. Please take care not to violate any intellectual property rights: always ask
Manually insert .htaccess redirect http to https
Let Really Simple Security handle the .htaccess redirect In most cases, you can let Really Simple Security handle the .htaccess redirect. The plugin has an option that inserts the detected .htaccess redirect rules. To select it, log in to your WordPress admin, and navigate to: Security -> Settings -> SSL. This is where you can select the Redirect Method and set it to “.htaccess 301 redirect”. If you enable this, Really Simple Security will detect the appropriate .htaccess redirect for your set-up.
My website does a double redirect to https, or does not 301 redirect
Some users ask for a fix for a double redirect. But Really Simple SSL does not do a double redirect! The plugin uses two ways to redirect: a generic redirect in the .htaccess which redirects all incoming requests to https, but only if the request is not https (otherwise, a redirect loop would occur). If this redirect could not be inserted, a Javascript will function as a backup, which is also conditional: only if the request is not https will
How to setup Google Analytics and Search Console
When you move your site to SSL, you might have to adjust your settings in Google Analytics and Google Webmaster Tools/Search Console accordingly. It’s not much work, but it’s important that you fix it. In short: you will need to set your primary domain to your https domain, in both Webmaster Tools and Google Analytics. I’ll discuss Search Console first, but it really doesn’t matter in which order you do this. Prefix or domain validated Before making any changes, check
Removing Mixed content fixer comment from HTML source
Really Simple Security adds a data-rsssl=1 attribute to the page source. This makes it easy to check if the Mixed content fixer is active. This is necessary because sometimes other plugins block the Mixed content fixer. If this comment does not appear, you know there is a conflict. Some users have asked us how to remove this comment, and the plugin contains a filter that makes it possible to remove this attribute. Please note: the automatic detection of plugin conflicts