Step 1. Mixed Content Scan
After installing Really Simple Security and activating SSL, your site may still be flagged as not secure. The most common cause is ‘Mixed content’: a page served over HTTPS that still loads images, scripts, or stylesheets over plain http://.
If you do not see the secure lock in your browser address bar, you still have mixed content. It is very important to fix this, because browsers will display ‘insecure site’ warnings to visitors of the site.
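To see what such a scan looks for, here is an added example (not Really Simple Security's own code) that flags http:// subresources in a page's HTML. The names `MixedContentScanner` and `scan` and the sample page are constructed for illustration, and it covers HTML attributes only, not CSS `url()` references or resources injected by JavaScript.

```python
from html.parser import HTMLParser

# Insecure loads of these elements are "active" mixed content; media is "passive".
ACTIVE_TAGS = {"script", "iframe", "link", "object", "embed"}
# Attributes that make the browser fetch a subresource, per tag.
URL_ATTRS = {
    "script": ("src",), "iframe": ("src",), "embed": ("src",),
    "object": ("data",), "link": ("href",), "img": ("src", "srcset"),
    "source": ("src", "srcset"), "audio": ("src",), "video": ("src", "poster"),
}

class MixedContentScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (line, kind, tag, url)

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "link" and "stylesheet" not in attrs.get("rel", "").lower().split():
            return  # rel=canonical and similar are references, not loads
        for name in URL_ATTRS.get(tag, ()):
            value = attrs.get(name, "")
            # srcset holds comma-separated "url descriptor" candidates
            parts = value.split(",") if name == "srcset" else [value]
            urls = [p.split()[0] for p in parts if p.strip()]
            for url in urls:
                if url.lower().startswith("http://"):
                    kind = "active" if tag in ACTIVE_TAGS else "passive"
                    self.findings.append((self.getpos()[0], kind, tag, url))

def scan(html):
    scanner = MixedContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page (not taken from a real site)
SAMPLE = """<html><head>
<link rel="canonical" href="http://example.test/">
<link rel="stylesheet" href="http://example.test/wp-content/themes/demo/style.css">
<script src="https://example.test/wp-includes/js/app.js"></script>
</head><body>
<img src="/logo.png" srcset="http://example.test/logo-2x.png 2x, https://example.test/logo-3x.png 3x">
<a href="http://example.test/about">About</a>
<script src="http://cdn.example.test/widget.js"></script></body></html>"""

if __name__ == "__main__":
    for line, kind, tag, url in scan(SAMPLE):
        print(f"line {line}: {kind:7} <{tag}> {url}")
```

The plain `<a href="http://…">` link and the canonical `<link>` are not reported, because they do not load anything into the page.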
Step 2. SSL Health Check
Really Simple Security includes the SSL Health Check, by Qualys. You can scan your site directly for common SSL issues in the plugin’s dashboard, or by visiting the Qualys SSL Labs website.
Step 3. Security Headers Scan
The Security Header scan will check if all recommended Security Headers are enabled, and whether they use the recommended settings for optimal protection.
Really Simple Security lets you configure all of these with the click of a button, and also recommends the settings you should use.
Bonus Step 4: Security Features
Really Simple Security comes with many other important security features. This includes various WordPress Hardening tweaks, Vulnerability Detection, Two Factor Authentication, Limit Login Attempts, IP/Geo-based restrictions, and much more.
Have a look at the plugin’s other recommended security features under the Security -> Settings tab, and enable them to get peace of mind!
What to do next
You have HTTPS active and your site is running cleanly. That is a good start. Here are three more things worth setting up:
- Login protection. Your login page is publicly accessible by default. Limiting login attempts, hiding the login URL, and enabling two-factor authentication all make it significantly harder to break into.
- WordPress hardening. A few configuration changes (disabling XML-RPC, removing version information, restricting file editing) close common attack vectors without affecting how your site works.
- Vulnerability scanning. Outdated plugins and themes are the most common entry point for attackers. Really Simple Security Pro scans your site and flags known vulnerabilities automatically.