Step 1. Mixed Content Scan
After installing Really Simple SSL and activating SSL, it is still possible that your site is flagged as not secure. The most common cause for this is ‘Mixed content’. If you do not see the secure lock in your browser address bar, you still have mixed content. It is very important that this is fixed because browsers will throw all sorts of warnings at users, who might get scared.
Step 2. SSL Health Check
New in Really Simple SSL is the SSL Health Check, by Qualys. You can scan directly on the Really Simple SSL Dashboard or on the Qualys website
Step 3. Security Headers Scan
The security header scan will check if recommended security headers are enabled, and if these contain the correct values. The reason we started our own scan is due to outdated values being recommended by other 3rd party scans.
Don't forget
Your website now runs over SSL, which means your URL has changed from http:// to https://domain.com. Make sure third party tooling are still working correctly, for example Search Console
Want all steps done automatically and more...?
Consider upgrading to Really Simple SSL Pro. Which includes all recommended and advanced headers. All new and available hardening features, a mixed content scan any many more features on the horizon.
