I would like to get a SSL certificate for my WordPress site. Is it safe to switch from http to https? My host says it's an automatic install, but shouldn't I change all the URLs?
In my theme I have hard coded URLs, but also WordPress permalink PHP codes for example. The hard coded URLs can be changed, but how about the URLs in the Wordpress code itself and all the plugins? If I change that and there's an update it will all be lost I suppose.
I would like to have https all over the website. Will the site and all the plugins still work after I switch from http to https?
It is safe, but yes, you will have to change the hardcoded urls or establish redirections, the first option is better. There are plugins that help you with this, remember all internal linking in your posts has to change, too.
You can read here. This question is related.
Related
I have an wordpress website https://tricourilemele.ro . When doing an audit, my Security Score is showing an high issue: HTTPS URL links to an HTTP URL..
Looking at page source (in fact on all pages) i find these http://gmpg.org/xfn/11 and anther link - which in is in fact a page i made http://tricourilemele.ro/tricouri-personalizate/
Well... i found that http://gmpg.org/xfn/11 in my header is given by my theme - Storefront, even so it had many updates, they never changed that to https.
I tried with a plugin search / replace but i couldn't do any improves .more. i was afraid to try something else. I do not know many related to databases or so..
My problem is ...How could i change those 2 links from http to https?
Please, be
Thank you,
Marius
You'll need to find whatever file gmpg is in, and update the url to https. And then change the url accordingly for the site you created.
So the story begin, I installed new WordPress multisite for my client with ssl applied. Then, it should have https://. The ssl perfectly well done, where do I know it? because all http:// now redirect to https://. I don't have any issue with ssl. I use subdomain for the multisite.
Issue came when I try create new site. It's created the new site but have a non https://. Looks like this http://test.thesite.com/ instead https://test.thesite.com/. This behaviour makes all things programmatically content (e.g. create menu) have non https:// also. This is problem because even can redirect to https:// it makes the redirect always working, where it doesn't need to be like that if the url already have https://. FYI: it's working great in local environment.
I also have searched for it but no luck, only when I asked friend, he have same problem with me. He said it's a is_ssl() function that I need to rewrite the original one on a theme functions. But the issue raised again, it's a super admin level not on theme level, how can I inject it on super admin level. Or maybe anyone have suggestion for me what to do?
So then, finally I try to investigate myself. It's a feature not a bug. The condition itself not allow user to have a https even they install wildcard ssl and forced to ssl. It will never happen the subdomain multisite install having ssl by nature, except you edit manually the url in the network site management. There is condition that only subfolder/subdirectory will have ssl. Not sure what the reason behind it. But the problem solved and time to move on. You can use plugin for this.
I've successfully added SSL on my WordPress website and it's every URL is working well with https URL but there seems all images is missing. In dashboard, all images URL is converted to https URL but in front-end they are not showing any URL it just seems like
Please anyone could help me to solve this issue?
This is likely because the URLs to the images are now http, and may be being blocked by browser security settings. There's a handy plugin I often use to help sort out issues like this called Really Simple SSL:
https://wordpress.org/plugins/really-simple-ssl/
This plugin manages the URLs to include the correct protocol, etc. You may need to change any hard-coded URLs in your theme that do not use https however.
I have a website hosted on a GoDaddy wordpress hosting. We had an SSL, but not longer have the SSL. Google archive some pages with the SSL so I just want to redirect https requests to the http version of the sit.e I have access to the .htaccess file so I figured that was the best way to do it.
I have been searching around and tried tons of different .htaccess redirects, but none of them are working. Including this https to http 301 redirect via htaccess. I know the htaccess is functioning because wordpress is working and I added a few test redirects to it and they worked as well.
Any thoughts or suggestions would be much appreciated.
Thanks.
Wordpress has its own redirect procedure.
Check in the General Settings of you WP Panel for the WordPress Address and the Site Address fields. Make sure they both are non ssl absolute paths.
Another thing to check is on the wp-config.php
define('FORCE_SSL_ADMIN', true);
That could have been added by another plugin. Remove it or make it false.
One last thing you could try (not the best option) is to ask google to remove those specific links, here's a reference for that.
I hope this helps.
So, I've read a few articles/blogs on this issue, but here's mine:
When I activate "Force SSL" in Woocommerce settings, I get a 404 on any pages that have HTTPS.
I have a dedicated SSL certificate on my domain, and that is no problem. It is not caused by plugins, I have tested that.
I've heard that you need to modify the "default-ssl" file on your server. You apparently need to modify your htaccess file to match the settings of your "default-ssl" file. If this is not accessible on a shared hosting server, then this is not a viable solution for anyone who doesn't have a VPS or access to root level SSH.
I've also been told that you need to reset your WP permalink settings to default. This is bad for SEO and quite frankly, an "I failed" non-solution.
If there is a way to get around this problem that can be fixed by having access only to cPanel and FTP, then answer this question. If it is definitely not possible via these means, please tell me why.
I'm not sure whether this is something that is going to benefit others, but if you're on shared hosting, testing on a subdomain is a bad idea. Rather test on "www.yourdomain.com/testing/", as opposed to "testing.yourdomain.com". Don't ask me why, the nerdy reasons I will leave to the back-end guys who answer my questions with grammatically unintelligible questions and down-votes.
You can have custom domains on your Woocommerce site after all. Don't test on a subdomain.