Fix “sslverify=false” for Pro Plugin / Theme Updates

This is a pet peeve of mine – some plugin and theme authors (to make their lives easier) set “sslverify = false” in their Pro / Premium version update checks and/or other HTTP requests.

Luckily a few security and error checking plugins like the Query Monitor plugin (for example), will show a warning if the WordPress wp_remote_get() function is executed with “sslverify = false”. To make sure this is never the case, you can use the following filters in your functions.php file.

 
add_filter( 'https_ssl_verify', '__return_true', PHP_INT_MAX );

add_filter( 'http_request_args', 'http_request_force_ssl_verify', PHP_INT_MAX );

function http_request_force_ssl_verify( $args ) {

        $args[ 'sslverify' ] = true;

        return $args;
}

Continue reading