JSM’s Force SSL / HTTPS

FYI

  • Plugin Name: JSM's Force SSL / HTTPS
  • Stable Version: 1.1.3
  • Author: JS Morisset
  • Description: A fast and effective plugin to force webpage and media library URLs from HTTP to HTTPS with a permanent redirect.
  • License: GPLv3
  • Requires At Least: WordPress 3.7
  • Tested Up To: WordPress 4.8.1
  • Last Updated: 19 hours ago
  • Downloaded: 166 times
  • Plugin Homepage »

An fast and effective way to make sure that all the HTTP URLs get redirected to HTTPS, including the WordPress upload folder for uploaded images and media.

This plugin is significantly different than most other plugins of its type — other plugins generally create an output filter using PHP's output buffering to search / replace URLs within the webpage document. This is much slower (and error prone) than using the WordPress 'upload_dir' filter and permanent (301) redirects (which is considered best practive when moving from HTTP to HTTPS).

The plugin defines the following constants (if not already defined), then makes sure that all front-end HTTP requests are redirected to their HTTPS equivalent:

  • FORCE_SSL
  • FORCE_SSL_ADMIN
  • FORCE_SSL_LOGIN

The plugin also hooks the WordPress 'upload_dir' filter, to make sure that all upload directory URLs match the required protocol.

The plugin checks and honors the following proxy / load-balancing web server variables:

  • HTTP_X_FORWARDED_PROTO
  • HTTP_X_FORWARDED_SSL

There are no plugin settings — simply install and activate the plugin.

Requirements

Your web server must be configured with an SSL certificate and able to handle HTTPS request. ;-)