The short answer is that you should always use https whenever possible even on the most basic websites regardless of whether you use wordpress. Here are some of the reasons with a short explanation. Security – Even on pages that don’t necessarily need to be secure it is useful to use https because you want … Read more
Too many redirects after added SSL redirect on port 80 virtual host
Permalinks 404 error with HTTPS host
Well, this was about half my fault half Jetpacks’. WordPress in general defaults to non protocol-relative URLs (eg http:// not //) and the problem was an explicit http:// image I used Jetpack to insert into my sidebar. Moving that to a protocol-relative // cleared up the mixed content problem. In general keep an eye out … Read more
Locked out of admin and some pictures don’t show after failed SSL installation
How to use https on one page only?
Web site Header tag links some resources with HTTPS
Search the place in your theme where you’re including the google fonts script, and remove the leading part http: , at the beginning of google fonts api url. The part you’re going to leave should look like //fonts.googleapis.com/css?family= and so on (leave what is after family but nothing before // ) Make a search replace … Read more
It was caused by CloudFlare https (which doesn’t set the $_SERVER[‘HTTPS’] variable), I solved it by forcing: $_SERVER[‘HTTPS’] = ‘on’; in the webserver configuration. After doing so I could also disable the CloudFlare Flexible SSL plugin, and get a little performance gain.
How can I set cookies on both secure and non-secure origins at the same time?