SSL

Really Simple SSL 3.0 available for beta testing

Really Simple SSL 3.0 is almost ready to be released. A number of changes have been made to the plugin that we would like to have tested by the community before releasing it to the public. We have done extensive testing ourselves and haven’t found any issues, but testing on a lot of different servers and configurations would help us confirm our test results.

The technical changes only concern new activations, so should not impact existing sites. The main goal of this update was to improve the reliability of the certificate check, which is only activate when SSL is not enabled yet.

The following changes have been made in version 3.0:

  • Added a certificate check in the class-certificate.php file. This certificate checks if the site url is present in either the Common Names or the Alternative Names section of the certificate. If the plugin fails to detect the site url in either of these, a warning will be shown. The certificate class also checks if it can detect a wildcard certificate on multisite setups. If not, it will show a warning too
  • The .htaccess redirect option is now inserted with a $1 redirect instead of {REQUEST_URI}. On existing sites this will only be changed when the settings are saved, otherwise the current redirect will stay as it is. When extensive rewriting is done in the .htaccess, as can be the case with caching plugins for example, the REQUEST_URI can be different from the actual requested URL, while $1 stays the same.
  • The deactivate button now shows “deactivate (revert to http)” to notify users pressing it will revert the site back to http://.
  • If a user wants to deactivate the plugin while staying on SSL, this is now possible from the plugin settings page. This can be done with the ‘Deactivate but keep SSL’ button. Deactivating of course results in the plugin functionality not being available anymore. For details on this please read this article before using it.
  • A filter for the Javascript redirect has been added. This way theme developers can conditionally deactivate the javascript redirect, if enabled.
  • A sidebar with plugin suggestions from Really Simple Plugins projects has been added to the settings page of Really Simple SSL (only if the Really Simple SSL pro is not installed).

The Really Simple SSL 3.0 beta can be found on Github

Any feedback is much appreciated!

Related Articles

  • Easy Digital Downloads Moneybird integration

    Moneybird is a great accounting tool. Originally started as a simple invoice sending tool, it has now turned itself into a pretty allround accounting tool. And I think it’s pretty...
  • Really Simple SSL 2.5.19

    Two fixes have been added in 2.5.19: Multisite Due to a merge where two multisite filters were not uncommented (uncommented code should have replaced commented out code) the 2.5.18 release...
  • Really Simple SSL 2.5.20

    Today a minor update for Really Simple SSL was released. No major changes: New option: switch mixed content fixer hook In most sites the template_redirect hook works fine as hook...
  • HSTS: HTTP Strict Transport Security, and why it’s good to have it

    HSTS, or HTTP Strict Transport security is an option in Really Simple SSL pro, and I guess most people just activate it, just because you can. But it’s good to know...