SSL

Really Simple SSL 3.0 available for beta testing

Really Simple SSL 3.0 is almost ready to be released. A number of changes have been made to the plugin that we would like to have tested by the community before releasing it to the public. We have done extensive testing ourselves and haven’t found any issues, but testing on a lot of different servers and configurations would help us confirm our test results.

The technical changes only concern new activations, so should not impact existing sites. The main goal of this update was to improve the reliability of the certificate check, which is only activate when SSL is not enabled yet.

The following changes have been made in version 3.0:

  • Added a certificate check in the class-certificate.php file. This certificate checks if the site url is present in either the Common Names or the Alternative Names section of the certificate. If the plugin fails to detect the site url in either of these, a warning will be shown. The certificate class also checks if it can detect a wildcard certificate on multisite setups. If not, it will show a warning too
  • The .htaccess redirect option is now inserted with a $1 redirect instead of {REQUEST_URI}. On existing sites this will only be changed when the settings are saved, otherwise the current redirect will stay as it is. When extensive rewriting is done in the .htaccess, as can be the case with caching plugins for example, the REQUEST_URI can be different from the actual requested URL, while $1 stays the same.
  • The deactivate button now shows “deactivate (revert to http)” to notify users pressing it will revert the site back to http://.
  • If a user wants to deactivate the plugin while staying on SSL, this is now possible from the plugin settings page. This can be done with the ‘Deactivate but keep SSL’ button. Deactivating of course results in the plugin functionality not being available anymore. For details on this please read this article before using it.
  • A filter for the Javascript redirect has been added. This way theme developers can conditionally deactivate the javascript redirect, if enabled.
  • A sidebar with plugin suggestions from Really Simple Plugins projects has been added to the settings page of Really Simple SSL (only if the Really Simple SSL pro is not installed).

The Really Simple SSL 3.0 beta can be found on Github

Any feedback is much appreciated!

Related Articles

  • Really Simple SSL 2.5.18 beta release

    2.5.18 is in beta, and can be tested! Please test this new version and let us know your experiences! Removed JetPack SSL fix, as it is now incorporated in JetPack....
  • SSL only on a few pages?

    If you need to exclude certain pages from SSL, or if you want to have just a few pages on SSL, than the latest plugin I’ve  release might just be...
  • Secure cookies with HttpOnly, secure and use_only_cookies

    Since version 2.0.2, Really Simple SSL pro and Really Simple SSL pro multisite contain a new feature which enables setting secure cookies by default. It uses the HttpOnly, secure and...
  • Really Simple SSL 3.0.2

    The 3.0.2 version includes two minor fixes: Usage of uppercase on images caused images on the SSL settings page to show as “not found” We recently discovered a situation where...