WordPress SSL Plugins to Make Switching to HTTPS Easier
It’s relatively easy to enable SSL (HTTPS) on a WordPress website. Once you’ve purchased or enabled your SSL certificate on your web server, in theory all you need to do is update the home and site URL (in Dashboard > Settings, or using wp-config.php
) and you’re done! In practice however, there can be a few stumbling blocks depending on how your site has been built and configured.
Using SSL secures communication on your website using encryption, keeping traffic between web browser and web server private. Aside from the security benefits, it’s also strongly encouraged by search engines. SSL has even been a ranking factor since 2014.
For many years, web browsers have displayed padlocks and various icons to help users identify secure sites, these are now becoming more noticeable. SSL is an important trust factor, however if you need further convincing on why you should be using HTTPS rather than HTTP, check out a recent article on WP Tavern that reports that more than 50% of web traffic is now encrypted. They also dig into some of the current usage statistics.
In this article, I’ll cover some of the popular plugins that I’ve come across, and been recommended by others in the WordPress community. I’ll also list a few useful testing tools that have helped me when troubleshooting both client and server SSL related issues.
It’s worth noting that all modern web browsers are equipped with “Developer Tools”, including several that can assist with SSL and certificate problems.
SSL Plugins for WordPress
All of these plugins require you to have an SSL certificate successfully installed on hosting environment. They can help with fixing mixed content issues, however I’ve found there isn’t a silver bullet, which is why I’ve listed several for you to research and test.
WP Force SSL
Active Installs: 20,000+
Rating: 4.8 out of 5 stars
Last Updated: 6 months ago
Link: https://en-au.wordpress.org/plugins/wp-force-ssl/
Easy HTTPS Redirection
Active Installs: 20,000+
Rating: 3.8 out of 5 stars
Last Updated: 2 weeks ago
Link: https://en-au.wordpress.org/plugins/https-redirection/
Really Simple SSL
Active Installs: 100,000+
Rating: 4.8 out of 5 stars
Last Updated: 6 days ago
Link: https://en-au.wordpress.org/plugins/really-simple-ssl/
SSL Insecure Content Fixer
Active Installs: 60,000+
Rating: 4.9 out of 5 stars
Last Updated: 1 week ago
Link: https://wordpress.org/plugins/ssl-insecure-content-fixer/
SSL Troubleshooting Tools
SSL problems can stem from either your website itself, or the web server. Using the tools below should help point you in the right direction and give you more information on what to look at next.
Qualys SSL Labs
Qualys have several SSL tools available, their SSL Server Test is one of the most popular. This tool checks your web server and SSL configuration for any issues. It also gives a score based on the configuration of your web server and SSL implementation.
They also offer a client testing tool (https://www.ssllabs.com/ssltest/viewMyClient.html) which reports on the security capabilities of your web browser. This can be useful, especially if you’re working with older browsers, which can be problematic when it comes to SSL.
Link: https://www.ssllabs.com/ssltest/
Why No Padlock
Why No Padlock is a quick and easy way to check for assets referenced using HTTP causing mixed content issues. Your web browser can give you the same information, but this can be handy when working with colleagues or clients, since it’s remotely hosted and provides a simple report.
Mixed content issues are some of the most common SSL problems you’ll run into. Even if you’ve done everything correctly, using a poorly developed plugin, or embedding code from the third party can sometimes introduce elements with hard coded assets served over HTTP.
Link: https://www.whynopadlock.com/
SSL Shopper
This tool is great for reporting on SSL certificate configuration and installation problems. It’s a simple check, but quite often it’s exactly the information you need to highlight the root cause of an SSL related problem.
Link: https://www.sslshopper.com/
Conclusion
SSL/HTTPS can be a complex topic, but luckily you don’t need to get your hands too dirty to start using it. There’s a wealth of plugins, guides and troubleshooting tools on the web to help get you up and running.
If you have any other useful tools or plugins you’d recommend, please let us know in the comments below.