Plugin Author: Really Simple Plugins
WordPress profile: Really Simple Plugins
Last updated: July 30, 2021 (2 days ago)
Tested up to (WP version): WP 5.8
Rating: 5 (out of 5)
Really Simple SSL automatically detects your settings and configures your website to run over https.
To keep it lightweight, the options are kept to a minimum. The entire site will move to SSL.
Three simple steps for setup:
- Activate this plugin
- Activate SSL in your hosting environment, or generate a free Let’s Encrypt certificate in Really Simple SSL.
- Enable SSL with one click
Always backup before you go! If you do not have a sound backup policy, start having one! See our recommendations.
Any code suggestions? We’re on GitHub as well!
Love Really Simple SSL?
Hopefully this plugin saves you some hours of work. If you want to support the continuing development of this plugin, you might consider buying the premium, which includes
some cool features.
- The mixed content scan, which shows you what you have to do if you don’t have the secure lock yet
- The option to enable HTTP Strict Transport Security
- The option to configure your site for the HSTS preload list
- Advanced security headers for additional security
- Mixed Content Fixer for the back-end
- More detailed feedback on the configuration page
- Certificate expiration check: get an email when your SSL certificate is about to expire
- Premium support
What does the plugin actually do
- It will first check for an existing SSL certificate. If you don’t have one, you can generate one in the plugin. Depending on your hosting company, we can also install it for you, or help you with instructions
- The plugin handles most issues that WordPress has with SSL, like when you’re behind a reverse proxy/loadbalancer, or when no headers are passed which WordPress can use to detect SSL.
- All incoming requests are redirected to https. Default with an internal WordPress redirect, but you can also enable a .htaccess redirect.
- The siteurl and homeurl are changed to https.
- Your insecure content is fixed by replacing all http:// URL’s with https://, except hyperlinks to other domains. Dynamically, so no database changes are made (except for the siteurl and homeurl).
- Cookies set with PHP are set securely, by setting them with the httpOnly flag
For free SSL certificate generation, Really Simple SSL uses the le acme2 PHP Let’s Encrypt client library, thanks to fbett for providing it.
Like to have this plugin in your language?
Translations can be added very easily here. If you do, I can get you added as translation editor to approve the translations.
For more detailed explanations and documentation on redirect loops, deactivating, mixed content, errors, and so on, please search the documentation
On a site where the source consists of about 60.000 characters, the delay caused by the mixed content fixer is about 0.00188 seconds. If this is too much for you, fix the mixed content manually and deactivate it in the settings.
The plugin checks your certificate before enabling, but if, for example, you migrated the site to a non-ssl environment, you might get locked out of the back-end.
If you can’t deactivate, do not just remove the plugin folder to uninstall! Follow these instructions.
Most mixed content issues are caused by URL’s in css or js files.
For detailed instructions on how to find mixed content read this article.
If you are experiencing redirect loops on your site, try these instructions.
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
Easily migrate your website to SSL with one click
Improve security with Really Simple SSL. Fully guided and documented.
Latest Change log entry:
- Fix: rsssl_server class not loaded on cron
- Fix: cron should only initialise letsencrypt class if certificate is generated by RSSSL
force ssl, https, insecure content, mixed content, ssl
+ Jason's Comments
This plugin helps to resolve the mixed media security error and change embedded domain links to https. You will first need a SSL – domain security certificate installed on your server.
Read up on other WordPress security related plugins and strategies.
Website Optimization and Maintenance
There are a few ways to optimize and speed up your website for viewers and search engines: database clean up, image optimization, page / script compression, CPU / server load optimization, server file caching and utilize browser caching.