How to force all WordPress content to SSL

Question

How to force all WordPress content to SSL

Navigation

#1 by (2 votes)
#2 by (2 votes)
#3 by (1 votes)
#4 by (1 votes)

3

Recently I'm making a web page in WordPress and I need all the web content to be shown by SSL, but it only applies to the main page, indicating that the browser is browsing HTTP instead of HTTPS.

I have the plugin SSL Insecure Content Fixer installed, and I have this code in .htaccess :

# BEGIN WordPress
<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteBase /
   RewriteRule ^index\.php$ - [L]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule . /index.php [L]
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

# END WordPress

wordpress

asked by Dealgrat 08.08.2018 в 21:31

source

4 answers

2

If just changing the htaccess does not work for you, maybe you should follow these steps.

Verify that your page loads correctly in https: //

Redirection of all pages from the wordpress settings, ie Options > General and put the two urls with https as in the image:

If you do not want to touch the htaccess, there are a couple of plugins that redirect and change insecure content: link and link

You often have to check some more parameters, for example references in the template that may have http: // (that is, the settings in Appearance> Customize or in the Options of the own subject if I had.

Sometimes, there are references in style sheets that contain urls with http: //, or accessory files that may have a call to http: //, you should locate and fix them.

And finally you should inspect with your browser and see if there is any insecure element left.

Finally do not forget to change references of tracking codes or other elements that you have. Also to avoid problems, you could put the urls link . or link . as follows // www. so they would load http or https depending on the environment.

answered by 23.08.2018 в 22:58

1

Apart from what was said by the other foreros, it may work for you if you put this:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://TUDOMINIO.ES/$1 [R,L]

Substituting TUDOMINIO.ES for your real domain.

You'll tell us if it worked.

answered by 27.08.2018 в 13:21

1

You can do it using a plugin, WordPress HTTPS (SSL). Once you install it, on its settings page, you can specify if you want to secure the entire site or just the administration area. To ensure specific pages or entries, add a box to the WordPress editor to make it secure.

If, on the other hand, you prefer to secure specific entries with a code, you can add the following to your function plugin:

    //Forzar SSL en páginas y entradas
function force_ssl($force_ssl, $id = 0) {
$ssl_posts = array(22, 130, 573);

if(in_array($id, $ssl_posts)) {
$force_ssl = true;
}
return $force_ssl;
}
add_filter('force_ssl' , 'force_ssl', 1, 3);

Simply change the list of IDs of the entries / pages to be protected on line 3.

Additionally, you can force security through SSL in the access screens and WordPress administration by adding these lines to the wp-config.php file:

define('FORCE_SSL_LOGIN', true);
define('FORCE_SSL_ADMIN', true);

In the first line, SSL forces in the access screens, in the second in the whole administration. To disable them, change the parameter "true" to "false".

And if you want, you can also force SSL from .htaccess, for which you would have to add these lines:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://TUDOMINIO.ES/$1 [R,L]

answered by 10.01.2019 в 21:00

Retrieve id in comboBox Save checkbox selected and not selected

score 2 · Accepted Answer

I passed my Wordpress site to SSL recently and what I did was the following:

Outside the block relating to # BEGIN WordPress , at the beginning of .htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Inside the block # BEGIN WordPress , everything as usual

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

That way my site works without problems in https

If there is any other problem, it may be due to the certificate. You can verify that it is properly installed by accessing SSL Checker and entering the URL of your site. If you do not validate everything, putting it in green ( as the image in this question shows ), you should correct whatever necessary.