I would recommend to define this constant in your wp-config.php to force HTTPS on admin: define(‘FORCE_SSL_ADMIN’, true); Also, there is a function called is_admin() which could be helpful in your case. if ( is_admin() ) { $_SERVER[‘HTTPS’] = ‘on’; } However, if you have a rule in your web server forcing all wp-admin and wp-login.php … Read more
You either go site wide HTTPS, or should not bother with it in the first place. Should it be for all access or just for logged in users depends on the profile of your traffic. If most traffic will come from registered users, then just go unconditional HTTPS as doing it conditionaly just for logged … Read more
Change the site URL to use SSL for the entire site including home page.
If you are looking to use HTTPS, I reccomend following this wordpress guide: https://make.wordpress.org/support/user-manual/web-publishing/https-for-wordpress/#implementing-https-for-wordpress You can get a free SSL Certificate from: https://letsencrypt.org/ If you find difficulty setting it up, you can often pay your host a small fee to help set this up. Once set up, you just need to make sure all the … Read more
There is no filter when a script is registered, so it is hard to track that down. Use a full text search in all your theme and plugin files to find the source. In addition, you can filter the URL before it is printed: add_filter( ‘script_loader_src’, function( $url ) { if ( 0 !== strpos( … Read more
To globally redirect all your pages to HTTPS add the following lines to your .htaccess: # Globally force SSL. RewriteCond %{HTTPS} off RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] This should be placed directly after RewriteEngine on if you have no previous rewrites.
This really belongs on ServerFault, StackOverflow or Webmasters… But basically, you need to add something along these lines before the WP rules begin: RewriteEngine on RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
Not sure what plugin you are using to enforce SSL, but I would disable it to prevent conflicts with the possible solution below. To make sure you’ve updated all of your URLs to the HTTPS, do the following: Go and download Interconnect IT’s Database Search & Replace Script here Unzip the file and drop the … Read more
I have recently solved my issue, I went on wordpress support, found my issue and how to fix it. I installed the SSL Insecure Content Fixer plugin and chose in the plugin settings for SSL Detection, the setting that was recommended. Then, I went to the settings and set my WordPress and site URL to … Read more
If possible, you should try and fix the cause of this error – invalid SSL certificates. But there are some instances where this is not possible or desirable. One obvious one being development sites using a self-signed SSL certs. One way around this is to set $ssl_verify to false before line 1161 of wp-includes/class-http.php: curl_setopt( … Read more