Category: SSL & HTTPS

If you have several subdomains or add-on domains but do not use WordPress Multisite, you’ll need a way to prevent Really Simple SSL from forwarding all subdomains to https. That is, if these subdomains do not have an SSL certificate of course. 1. Under Settings -> SSL & Security -> “Settings” in the top menu bar -> SSL, disable the 301 PHP Redirect and enable the .htaccess 301 redirect. 2. Navigate to the “General” tab on the Really Simple SSL settings

Sometimes users have the issue that all pages get 404 errors when Really Simple SSL is activated. The cause is different from user to user and from server to server. Re-save the permalinks Even though Really Simple SSL flushes the internal rewrite rules, it sometimes helps to do this again. You can find the permalinks in settings/permalinks. Re-saving makes sure the WordPress rewrite rules get flushed. Photon from JetPack Photon uses a CDN service to speed up loading for your

If you are experiencing problems on your site that you do not have when Really Simple SSL is deactivated, there are some steps you can take to track down the cause. Note: this article aims to help resolve issues when migrating your site to SSL/HTTPS. If you experience an issue with the Really Simple SSL plugin itself, e.g the Dashboard does not load correctly, please visit this article instead: “Debug a blank Settings page in Really Simple SSL”. Clear your

Sometimes users get the issue that their images are not visible on the site after activating SSL. However, the images are loaded with SSL links and load fine when loaded directly. So this is not a mixed content error. When you look in the Chrome console (Right mouse click, Inspect element, Console), you will see a lot of red error messages, all stating that the image has a 403 forbidden error. In most cases when this happens, the hot link

If you enabled HSTS on your site, you’ll have to clear it from your browser after you disabled it again. Otherwise, your site willl keep loading over SSL. There are two ways to do this. The first sets the .htaccess header, which resets it for all users: Resetting the HSTS header using the .htaccess If you set the expiration time on your HSTS header in the .htaccess to zero, the HSTS header should expire immediately. <IfModule mod_headers.c> Header set Strict-Transport-Security