Category: SSL & HTTPS

My website does a double redirect to https, or does not 301 redirect

Some users ask for a fix for a double redirect. But Really Simple SSL does not do a double redirect! The plugin uses two ways to redirect: a generic redirect in the .htaccess which redirects all incoming requests to https, but only if the request is not https (otherwise, a redirect loop would occur). If this redirect could not be inserted, a Javascript will function as a backup, which is also conditional: only if the request is not https will

Leon Wimmenhoeve February 15, 2016

How to setup Google Analytics and Search Console

When you move your site to SSL, you might have to adjust your settings in Google Analytics and Google Webmaster Tools/Search Console accordingly. It’s not much work, but it’s important that you fix it. In short: you will need to set your primary domain to your https domain, in both Webmaster Tools and Google Analytics. I’ll discuss Search Console first, but it really doesn’t matter in which order you do this. Prefix or domain validated Before making any changes, check

Leon Wimmenhoeve February 8, 2016

Removing Mixed content fixer comment from HTML source

Really Simple Security adds a data-rsssl=1 attribute to the page source. This makes it easy to check if the Mixed content fixer is active. This is necessary because sometimes other plugins block the Mixed content fixer. If this comment does not appear, you know there is a conflict. Some users have asked us how to remove this comment, and the plugin contains a filter that makes it possible to remove this attribute. Please note: the automatic detection of plugin conflicts

Leon Wimmenhoeve January 23, 2016

Enabling SSL for just one page, or excluding one page or URL

Why SSL on one page? If you don’t want to move to SSL entirely because you’re afraid to lose your ranking, don’t worry. If you redirect your site with 301 permanent redirects, this does not happen. Still, there might be some use case to only enable SSL on a specific page. For instance, your site might use a service that doesn’t support SSL/HTTPS. Trying to get that service to start supporting SSL is always the preferred solution. But if you’ve

Leon Wimmenhoeve January 8, 2016

No SSL detected, but I’m sure I have SSL

No SSL was detected If you see this message reported by Really Simple Security, this can mean two things: You don’t have an SSL certificate. You can check this on ssllabs.com/ssltest The certificate check in Really Simple Security failed, because the output on your server differs from the expected output. If the scan on SSL Labs checks out, you can get Really Simple Security to detect SSL simply by loading the admin over SSL: Go to the login page of your

Leon Wimmenhoeve January 5, 2016

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular