SSL

New features for free and pro version coming up

Both Really Simple SSL and Really Simple SSL have a new release coming up.

In 2.4, the mixed content fixer has been rebuilt. Also the mixed content fixer detection, which prior worked with a small comment at the bottom, is now changed to a data attribute. This way, ajax calls don’t get bothered with the comment anymore, and minification tools do not strip the comment away anymore. The result should be that the plugin can see better if the mixed content fixer is doing it’s work.

The coming pro version has some cool new features as well! Included in this release will be:

HSTS preload list.

For those who don’t know already, the current version of Really Simple SSL pro gives the option to enable HSTS, or HTTP Strict Transport Security. This settings tells browsers that it must only use HTTPS to connect with your site. This makes your site more secure, but the browser still needs to connect with your site before it can see that header.

To fix this you can enter your site on the preload list. This enables browser to know beforehand if a website must be visited over SSL.

A warning is needed here: it is not easy to remove a site from the preload list, and you have to force all your subdomains over SSL as well. This makes it impossible to use on per page activated SSL on a multisite website.

Mixed content fixer for the back-end

I’ve always held the position that plugin developers and theme developers should develop protocol independent. That is, if you need a hardcoded url to an external site, use // instead of http://. That said, it still occasionally happens that plugins or themes generate mixed content on the back-end, and that the developer is not willing to fix the problem. For these cases, I added the option to enable the mixed content fixer for the back-end as well.

Related Articles

  • Really Simple SSL 2.2.16 released

    Some of you might have noticed, but the release of 2.2.13 didn’t go as smoothly as planned. During extensive testing and a beta period there didn’t come up anything, so...
  • Checklist for migrating to SSL

    When people migrate to SSL, they tend to forget a few things, that can cause worries. So, I will make a short list here of the most important things you...
  • Really Simple SSL 2.4 released

    Today the 2.4 version is released. The mixed content fixer has been rebuilt, which should make it work in almost all situations. The marker which makes it possible for the...
  • SSL only on a few pages?

    If you need to exclude certain pages from SSL, or if you want to have just a few pages on SSL, than the latest plugin I’veĀ  release might just be...

Leave a Comment