Really Simple SSL pro

Really Simple SSL pro optimises your site for SSL, configuring your site to enjoy the full protection your SSL certificate can offer. This includes all relevant Security Headers, like HTTP Strict Transport Security, contains an extensive scan for mixed content issues and includes access to premium support!

Extensive scan which enables you to detect the source of mixed content that couldn’t be fixed automatically, with fix button
Premium email support
HttpOnly and secure flags to make cookies secure/encrypted
Improve security by enabling HTTP Strict Transport Security for your site
Submit your site to the HSTS preload list
Easy implementable security headers: X-Content-Type-Options, X-XSS-Protection, X-Frame-Options, Expect-CT, Certificate Transparency, No Referrer When Downgrade header, Content Security Policy, Upgrade Insecure requests. Read the security headers article for more info
Warning by email and in your SSL dashboard when your certificate is about to expire
Mixed content fixer for the back-end

The scan works also when your site is still on http, so you can check for issues before you activate SSL!

The scan checks your theme files, plugin files and database for references to stylesheets and javascript libraries with http:// links, or resources (like images on http domains) that would be blocked over SSL. This scan is built to detect these kind of mixed content even when you’re not on SSL yet. Each result has fix button, or if automatic fix is not possible, instructions how to fix it. To read more about the kinds of mixed content the scan searches for, you can read this article.

See also the installation instructions to get an idea of how it works.

A license allows to install and use Really Simple SSL pro on a site for an unlimited period of time
Continuously developed: we’re adding new features continuously to improve your site security
Hassle free install: This plugin is built as add-on for Really Simple SSL, so does not require you to deactivate Really Simple SSL
Fast: Website performance will not suffer in any way
One year updates and support. To continue to receive support and updates, licenses must be renewed after one year (not compulsory).
Works with all SSL certificates. A valid SSL certificate is required for this plugin to work.
Licenses are renewed yearly at 30% discount and can be cancelled at any time (see your account page)

For multisite there is a dedicated multisite plugin, Really Simple SSL pro multisite

Show Change Log

= 2.1.7 =

Tested with WordPress 5.3

= 2.1.6 =

Enabled some security headers by default.
Show HSTS preload option after enabling HSTS option without reloading page
Updated support tab to pre-fill fields on really-simple-ssl.com, directly sending from support tab resulted in some undelivered e-mails

= 2.1.5 =

Optimized licensing requests

= 2.1.4 =

Improved support tab request processing

= 2.1.3 =

fixed a bug where an empty regex matching group produced false positive http:// scan results

= 2.1.2 =

Added right-to-left text support
Scan error is now dismissible
Fix: certificate valid to date now only shows when the corresponding option has been enabled

= 2.1.1 = * Fix: no check for CSP violations when CSP not enabled. = 2.1 = * Added Content Security Policy Generator * Added security headers * Fix: moved emptying of results in blocked url\'s outside of loop * Added Danish, Hungarian and Polish languages = 2.0.24 =

Updated and added Dutch, Ukrainian, Russian, German, Portuguese, Italian and Hungarian translations

= 2.0.23 =

Tweak: added notices in license tab
Tweak: admin notices will no longer show in Gutenberg edit screen
Tweak: added visual feedback when fixing a scan results item
Tweak: added notice when free plugin has been renamed
Tweak: removed untraceable results from scan results
Tweak: blog count fix for multi-networks

= 2.0.22=

Tweak: added caching to redirect_to_http() function to prevent timeouts
Tweak: updated Portuguese translations

= 2.0.21 =

Fix: fixed a bug in the redirect_to_http() function

= 2.0.20 =

Added support tab
Tweak: improved mixed content scan regexes
Tweak: added a redirect to http:// check before activating SSL

= 2.0.19 =

Fix: fixed a bug where ignored urls were being added to the ignored urls array, even if they were already present.
Tweak: the /plugins/, /wp-admin/ and /wp-includes/ directories have been excluded from the scan to increase performance.

= 2.0.18 =

Fix: html closure in activation message

= 2.0.17 =

Tweak: removed background running of scan
Tweak: removed HTML from translatable strings

= 2.0.16 =

Tweak: updated notices to be in line with free notices

= 2.0.15 =

Tweak: when the scan is finished it now shows the text Scan Finished and the progress bar turns green
Fix: improved external css and js detection regex pattern

= 2.0.14 =

Fix: run javascript only on own settings page
Fix: ajax url on some functions not correct
Fix: scan results only outputting after a refresh

= 2.0.13 =

Tweak: updated the scan cron to prevent it from running without first starting the scan manually

= 2.0.12 =

Updated the scan functionality to use run in the background as well

= 2.0.11 =

Added scan support for the wp_postmeta table
Fix: the show ignored URL\'s option now works correctly

= 2.0.10 =

Fix: certificate expiration warning showed even when cert is still a long period valid if no valid response is received.
Fix: config screen still showing error while not blocked URL\'s were left, because a 0 == \'string\' comparison return true.

= 2.0.9 =

Tweak: the plugin will no longer scan its own folder for mixed content
Tweak: the scan now contains a number of common false positives in the $safe_domains array to prevent them showing up in the scan

= 2.0.8 =

Tweak: added a notice when the HSTS header is set using PHP on NGINX servers

= 2.0.7 =

Fix: fixed a bug where the $has_result in the external CSS and JS scan was set to true when there were no results

= 2.0.6 =

Tweak: added a warning when inserting HSTS headers via PHP

= 2.0.5 =

Fix: deleted unnecessary transient delete

= 2.0.4 =

Added support for Widgets in the mixed content scan
Tweak: changed icon classnames from icon to rsssl-icons

= 2.0.3 =

Tweak: option to disable flushing of rewrite rules on activation

= 2.0.2 =

Tweak: added secure cookie settings
Tweak: added notice if secure cookie settings couldn\'t be applied automatically

= 2.0.1 =

Fix: made the HSTS option available when using the pro plugin on a multisite installation
Tweak: updated the Easy Digital Downloads plugin updater to version 1.6.14

= 2.0.0 =

Fix: moved scan data to transients, so large scan data arrays won\'t clutter the database
Updated the \'Scan for issues tab\'
Fix: scan results are now shown in a responsive layout
Fix: fixed a bug where protocol independent (//) files and/or stylesheet were not being scanned

= 1.0.33 =

Fix: adjusted the HSTS header so it will also work in three redirects
Fix: not all hot linked images were matched correctly in the scan

= 1.0.32 =

Fix: When mixed content fixer is activated, urls are replaced to https, which prevented the scanner from finding these urls. A replace to http fixes this.
Fix: Regex pattern updated to match the pattern in the free version, to prevent cross elemen matches.
Fix: Changed priority of main class instantiation to make sure it instantiates after the core plugin

= 1.0.31 =

Removed direct redirect to primary URL, as preload list requires a two step redirect, first to https.

= 1.0.30 =

Fixed issue where preload HSTS setting wasn\'t saved when HSTS header was already in place.
limited .htaccess edit to settings save action.

= 1.0.28 =

Added certificate expiration date admin notice
Bypass redirect chain
Fixed SSL per page compatibility issue

= 1.0.27 =

Added dutch translation
Fixed typo in copyright warning box
Fixed spacing between buttons in copyright warning box
Tweak: added settings link to pro plugin in plugins overview page
Fix: fixed a bug where curl function did not increment iteration, so redirect loops were not circumvented. Use wp_remote_get instead.

= 1.0.26 =

Added expiration warning functionality: enable it in the settings to get an email if your ssl certificate expires.
Fixed a bug that detected if the HSTS should be added in the .htaccess or in the code
HSTS now available for NGINX as well
Fixed a bug where the last js and css files were not parsed for http urls.

= 1.0.25 =

css styling fixes
fix bug in admin mixed content fixer.

= 1.0.24 =

Bug fix in importer.php

= 1.0.23 =

Bug fixes

= 1.0.22 =

Added functionality to fix mixed content issues
several bug fixes

= 1.0.21 = * Made license notice dismissable = 1.0.20 =

Extended safe list of domains for scan
fixed a bug in licensing notice for multisite.
fixed a bug where the scan freezes because of not loading external url\'s

1.0.19

Mixed content fixer for the back-end
HSTS for multisite
HSTS preload list

1.0.18

Tweak: added possibility to deactive license

1.0.17

Tweak: also checking for http links in form actions
Fix: bug caused empty scan results to show, even when no scan had been executed
Fix: last queue item was shown as nr 0, instead of the last nr

1.0.16

Fix: bug where not all found blocked urls would show up
Fix: also searching for the escaped values of a url in the database.

1.0.15

Added option to switch between file_get_contents en curl for http requests.

1.0.14

Added the option to disable the brute force database scan, which in some cases freezes the scan.

1.0.13

Tweak :Improved file_get_content error handling

1.0.12

Tweak: switched url request method to file_get_contents, because of some servers having issues with curl.

1.0.11

Tweak: increasing the page fetching timeout and lowering the number of pages that are requested in one run decreases risk of errors.

1.0.10

Tweak: saving the license key will activate it at the same time

1.0.9

Fix: in some rare situations the adapted pluginurl function caused an error
Fix: if more than one blocked url was found in a post, it was incorrectly added to the list of untraced items as well

1.0.8

Tweak: include css only on settings page
Integration with Really Simple SSL per page
Lowered number of files checked in one run

1.0.7

Fixed a bug where multiple files with mixed content could in specific cases cause the scan to \"hang\"

1.0.6

Fixed a bug where styling could conflict with other plugins.

1.0.5

Fixed a bug in the license activation

1.0.4

Fixed a bug where some stylesheets were not detected.

1.0.3

More detailed feedback on which urls are encountered

1.0.2

Improved fix instructions.

1.0.1

Extended search to entire database

Initial release

Really Simple SSL pro

Cart

Download details

Related downloads

Popular Articles

How to setup Google Analytics and Google Search Console/Webmaster Tools

How to check if the mixed content fixer is active

Remove .htaccess redirect on site lockout

How to track down mixed content or insecure content

How to fix the ‘no response from webpage’ warning

Share to get 10% discount!

You May Also Like