SSL

Really Simple SSL 2.5.14, minor update

2.5.14 was released today, with two adjustments:

  • A bug was discovered in the mixed content fixer, where a match was found on http links across html elements when newlines were removed by optimization plugins. If a link element was found, but the href was https, it would match the first href=”http, which could be an external hyperlink.
    It didn’t come up before, as it only causes an issue in a very specific set of conditions.
  • The wp_rest_api was not forced over SSL yet with PHP. Although the .htaccess redirect should redirect any requests to https, NGINX servers won’t be able to use this. This has now been adjusted.

 

Related Articles

  • Really Simple SSL 2.3.8

    Some small but important tweaks were added to the latest release of 2.3.8. In previous versions, javascript was used as fallback when .htaccess redirects were not possible. A much better...
  • New features for free and pro version coming up

    Both Really Simple SSL and Really Simple SSL have a new release coming up. In 2.4, the mixed content fixer has been rebuilt. Also the mixed content fixer detection, which...
  • Next step in Google’s push for an all SSL internet

    Since this january, many of you may have received a notification from Google Search Console about non-secure pages where passwords or creditcard data are being submitted. Beginning in January 2017,...
  • Top 25% of hacked WP websites uses these three plugins

    In the latest article from Sucuri, they released some interesting data about the hacked websites they clean. 25% of the WordPress websites that were hacked were using one of three...

2 Comments

  • ao

    It was redirecting my homepage to the login page. I hope this update will take care of that issue. Nice plugin by the way. Thanks

    • Rogier Lankhorst

      Yes, the wp_safe_redirect had me confused: it can’t be used on the front-end, as it redirects to the login page instead of a similar but safe url. It also kicks in when the www version of the site is used for example. This is fixed as of 2.5.15. Sorry for any problems this might have caused. Somehow this didn’t pop up in the tests. Tests are being improved to prevent this in the future.

Leave a Comment