That might well be, but that’s alright. There might be redirects happening, and those will result in multiple requests. The WordPress-Cron System relies on AJAX-requests, those will also show up in the log. If you load any resources (images, scripts, stylesheets) that do not exist, WordPress will be loaded and handle the 404, resulting in … Read more
I checked amazon.com website for retrive X-Amz-Cf-Id header which I belive is not a standard header and for me it is working fine: function wpse_288865_featch_header() { $response = wp_remote_get(‘https://www.amazon.com/’); $custom_header = wp_remote_retrieve_header($response, ‘X-Amz-Cf-Id’); var_dump($custom_header); exit; } add_action(‘init’, ‘wpse_288865_featch_header’); Sometimes amazon.com is not returning this header so please refresh your WordPress site couple of times. I … Read more
It sounds like both Home URL and Site URL for your blog are set to http://test.blog, while your server accepts both http://test.blog and http://www.test.blog. If you access the latter, WordPress will redirect you because of the mismatch. You might be able to set the Home URL and Site URL dynamically in your wp-config.php like this: … Read more
Searching for non-SSL references in the code base is a smart idea and you should probably report any you find on hackerone.com (the place to disclose WordPress vulnerabilities). I also suggest you review the WordPress Security page on wordpress.org. To answer your question, I would say WordPress has been audited extensively for various security vulnerabilities … Read more
You have “www.wisconsinwetlands.org” URLs redirecting to insecure “http://wisconsinwetlands.org“. The cases you have used these is in the images on the page. Every image that is set as “https://www.” redirects to the insecure version. So while you do need to fix that and correctly configure your setup so that both “www” and non-www URLs are secure, … Read more
@annie you should change both siteurl and home option_name values to e.g http://localhost/wordpress:9000
I figured it out. I had a plug-in “WordPress HTTPS” it was forcing all but my woocommerse pages cart and checkout page to be http:. Woocommerse already has a setting to force Cart and Checkout page to be HTTPS so I really did not need the other plug-in, so I deactivated it. I then noticed … Read more
The short answer is that you should always use https whenever possible even on the most basic websites regardless of whether you use wordpress. Here are some of the reasons with a short explanation. Security – Even on pages that don’t necessarily need to be secure it is useful to use https because you want … Read more
How to use https on one page only?
HTTP Error after finishing uploading a video that is bigger than 64 MB -> After raising the upload limit manually in the wp-config file