Author: Mark

WP Config fix needed

In some cases, your wp-config.php will require some adjustments before the site works correctly over SSL. This usually happens when your site is behind a loadbalancer, or if your wp-config.php contains a hardcoded http:// URL in the WP_HOME or WP_SITEURL constant. Really Simple Security will fix this automatically in most cases, but fails if the wp-config.php file is not writable. To automatically fix this issue, make your wp-config.php file writable. Alternatively, you can do the following to manually fix this issue:

Mark November 15, 2021

Renewing a Really Simple SSL Let’s Encrypt SSL certificate

Really Simple SSL will let you know when your Let’s Encrypt certificate generated by Really Simple SSL is about to expire. Two weeks before the expiration date, you will see one of the following notices in your SSL settings dashboard: The SSL certificate has been renewed and requires manual installation in your hosting dashboard When the plugin has renewed the certificate but hasn’t been able to install the renewed certificate automatically, you will see the following notice: If you see

Mark November 12, 2021

OCSP Stapling

OCSP Stapling OCSP stands for Online Certificate Status Protocol. It is a tool to check the certificate status in real-time. When a user visits your site, an OCSP request is generally made to the Certificate Authority that issued the SSL certificate. This is done to verify the SSL certificate hasn’t been revoked. Since this check is done in real-time it can create a short delay. This is where OCSP stapling comes in. In short, OCSP stapling saves the results of

Mark November 3, 2021

MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING This is an uncommon error which can occur when there’s an issue with OCSP stapling on your webserver. It happens when OCSP stapling is required, but not available. We recommend to contact your hosting provider about this issue, they will be able to enable OCSP stapling which will fix the issue. The other reason this error can occur is if you are behind a proxy. If that is the case, you can try the following to access the site:

Mark August 4, 2021

Protect SSL generation directories

Protect SSL generation directories this warning occurs when your SSL certificate files aren’t protected. This happens when Really Simple SSL has created an ssl/certs and ssl/keys directory in your websites root folder. The public certificate (*.crt) being available is not an issue, it’s the private key (*.key) file that needs to be protected. To fix this issue, you can modify the file permissions to 644 for the .crt file and 600 for the .key file. You might have to ask your hosting provider

Mark August 2, 2021

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular