SSL

Really Simple SSL 2.5.14, minor update

2.5.14 was released today, with two adjustments:

  • A bug was discovered in the mixed content fixer, where a match was found on http links across html elements when newlines were removed by optimization plugins. If a link element was found, but the href was https, it would match the first href=”http, which could be an external hyperlink.
    It didn’t come up before, as it only causes an issue in a very specific set of conditions.
  • The wp_rest_api was not forced over SSL yet with PHP. Although the .htaccess redirect should redirect any requests to https, NGINX servers won’t be able to use this. This has now been adjusted.

 

Related Articles

  • Next step in Google’s push for an all SSL internet

    Since this january, many of you may have received a notification from Google Search Console about non-secure pages where passwords or creditcard data are being submitted. Beginning in January 2017,...
  • Certificate expiration check in Really Simple SSL pro

    There’s something strange with uptime robots: they don’t detect expired certificates. So even though you don’t get any messages that your site is down, it might be if your SSL...
  • Really Simple SSL 2.2.16 released

    Some of you might have noticed, but the release of 2.2.13 didn’t go as smoothly as planned. During extensive testing and a beta period there didn’t come up anything, so...
  • Really Simple SSL 2.5.20

    Today a minor update for Really Simple SSL was released. No major changes: New option: switch mixed content fixer hook In most sites the template_redirect hook works fine as hook...

2 Comments

  • ao

    It was redirecting my homepage to the login page. I hope this update will take care of that issue. Nice plugin by the way. Thanks

    • Rogier Lankhorst

      Yes, the wp_safe_redirect had me confused: it can’t be used on the front-end, as it redirects to the login page instead of a similar but safe url. It also kicks in when the www version of the site is used for example. This is fixed as of 2.5.15. Sorry for any problems this might have caused. Somehow this didn’t pop up in the tests. Tests are being improved to prevent this in the future.