When the built in deactivation does not work, manual uninstalling

Installing SSL can be tricky. If another plugin redirects to http or your certificate is not valid, a redirect loop could occur, resulting in a not accessible back-end. This plugin is shipped with a simple way to deactivate remotely, without access to the back-end. Though this should always work, as a fall-back I’ll describe how you can remove all aspects of this plugin.

To know what we have to do, we have to know what the plugin does:

  1. Add fixes to the wp-config.php (when necessary).
  2. On Apache servers, if you enabled the htaccess redirect option, a .htaccess redirect.
  3. Change site and home URL to https.
  4. Dynamically fixes mixed content and adds javascript redirect.

So summarising, we have to roll back the wp-config.php, the .htaccess, and the site and home URL.

Item 4 is dynamic (does not change anything, only the output of your website). So, this will be taken care of by renaming the plugin file, which deactivates it.

So we have to do the following:

1) Deactivate the plugin

Deactivate the plugin by renaming the plugin folder.
Open your FTP client, navigate to wp-content/plugins/ and rename the really-simple-ssl plugin to really-simple-ssl-off

2) If used, remove .htaccess redirect

Then, still in the FTP client, find your .htaccess file (make sure hidden files are shown), in the webroot, and remove all lines between these comments (and the comments themselves as well)

# BEGIN rlrssslReallySimpleSSL


# END rlrssslReallySimpleSSL

3) Remove changes in the wp-config.php

Now, still in your webroot, find your wp-config.php, open it and check if any lines were added by Really Simple SSL. If so, remove those lines.

Don’t forget to remove the reference to ‘advanced-headers.php’ if these are present.

4 a) Change site URL and home URL back to http://

Now, add

 update_option( 'siteurl', 'http://example.com' );
 update_option( 'home', 'http://example.com' );

To your functions.php. You can find the functions.php in wp-content/themes/your-active-theme/functions.php.

Use a new browser (or clear your browser history completely), browse to your HTTP link, and check the result.

4b) Change site URL and home URL to http://, database method

If you can’t get it to work using method 4a, you can change the URL back to http directly in the database.

https://codex.wordpress.org/Changing_The_Site_URL. Scroll down to Changing the URL directly in the database and follow the instructions.

After following these steps, you can be sure the plugin does not affect your site anymore. If you are still having trouble, something else is affecting your site. In that case, try disabling plugins until it works again. Remember to keep clearing your browser cache.

If you have enabled HSTS, you have to clear it from your browser specifically.

Many issues stem from the fact that people forget the browser can be pretty persistent in remembering your site was on SSL. Sometimes a caching plugin can cause a lot of trouble as well.

Lightweight plugin, Heavyweight Security features. Get Pro and leverage your SSL certificate for WordPress security standards.