New Plugin – JSM Force SSL / HTTPS

When searching for a plugin on, I’m always surprised by the number of results — many plugins appear to be similar, or even identical, but if you look at their PHP code, those similarities quickly evaporate. This was the case recently when I was looking for a simple plugin to redirect HTTP URLs to HTTPS. Some plugins were way too basic / incomplete in their logic, while others looked like a pile of spaghetti code with the kitchen sink thrown in there somewhere. :)

JSM Force SSL / HTTPS is my take on a simple WordPress plugin to redirect HTTP URLs to HTTPS. ;-)

The plugin defines the FORCE_SSL, FORCE_SSL_ADMIN, and FORCE_SSL_LOGIN constants, then makes sure that all front-end HTTP requests are redirected to their HTTPS equivalent.

The plugin also hooks the WordPress ‘upload_dir’ filter to make sure that all upload directory URLs match the current webpage protocol.

The plugin checks and honors the proxy / load-balancing HTTP_X_FORWARDED_PROTO and HTTP_X_FORWARDED_SSL web server variables.

There are no plugin settings — simply install and activate the plugin.


Your web server must be configured with an SSL certificate and able to handle HTTPS request. ;-)

Find this content useful? Share it with your friends!