Author: Leon Wimmenhoeve

Install a free SSL Certificate with Really Simple Security

You can use Really Simple Security to generate (and install) a free Let’s Encrypt SSL certificate on your WordPress website. Note: your hosting provider may prevent the manual installation of a third-party SSL certificate. Most commonly when the host also offer free SSL generation directly in their Hosting Control Panel. Some hosts only provide you with paid SSL certificate options. The Let’s Encrypt Wizard Really Simple Security skips the Let’s Encrypt Wizard if a valid SSL certificate is detected. If,

Leon Wimmenhoeve August 8, 2021

Installing SSL using shell functions

If you receive the following notice, while using Really Simple SSL to install a Let’s Encrypt SSL Certificate: Your server provides shell functionality, which offers additional methods to install SSL. If installing SSL using the default methods is not possible, you can install the shell add on. Below you will find the shell add-on to install Let’s Encrypt with shell functionality. Why an add-on? Some anti-virus software trigger on shell functions when these files are scanned. Although a false positive,

Leon Wimmenhoeve July 19, 2021

Installing SSL on Subfolders

It’s not possible to install an SSL Certificate on a subfolder. To enable SSL on a subfolder you can install an SSL Certificate on your root domain. As soon as you have that installed, you also have SSL on your subfolder. The only thing left to do now is to activate SSL in Really Simple SSL. Important A subfolder is different from a subdomain. The latter needs a wildcard to receive an SSL Certificate, while a subfolder can use the

Leon Wimmenhoeve June 15, 2021

Let’s Encrypt authorization with DNS

When installing a free Let’s Encrypt SSL certificate for your WordPress website, Really Simple SSL will by default handle the authorisation with a directory challenge. A file with a key will be created in the .well-known/acme-challenge directory. This is the easiest method, and can be handled automatically in most cases. In some situations, this is not possible. For example if you need a wildcard SSL certificate (for multisite) or if your hosting provider blocks the creation of the directory and file,

Leon Wimmenhoeve June 8, 2021

The Authorization Header is Missing

Since WordPress 5.6 we’ve been getting reports that users get an error message like this: “The Authorization Header is Missing”. The problem appears to be that Apache does not automatically send authorization headers. If that happens, the header has to be enabled in the virtual host file. I can’t say for sure that is has anything to do with the WordPress 5.6 update, we only noted that users are reporting it since then. Please note that this has nothing to

Leon Wimmenhoeve May 10, 2021

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular