A simple, safe, and reliable way to force HTTP URLs to HTTPS dynamically:
No setup required - simply activate the plugin to force HTTP URLs to HTTPS.
There are no plugin settings to adjust, and no changes are made to your WordPress configuration.
SIGNIFICANTLY FASTER than other popular plugins of this type:
Other well known plugins use
PHP's output buffer to search & replace URLs in the rendered HTML, which is a technique that is error prone and
negatively affects caching performance (as changes are not cached).
This plugin uses standard WordPress filters instead of PHP's output buffer for maximum reliability, performance, caching compatibility, and uses 301 permanent redirects for best SEO results (
301 redirects are considered best for SEO when moving from HTTP to HTTPS).
Supports advanced proxy / load-balancing HTTP headers:
X-Forwarded-Proto
(aka HTTP_X_FORWARDED_PROTO
server value)
X-Forwarded-Ssl
(aka HTTP_X_FORWARDED_SSL
server value)
See
Web technology for developers > HTTP > HTTP headers > X-Forwarded-Proto for more details.
Plugin Requirements
Your web server must already be configured with an SSL certificate and able to handle HTTPS connections. ;-)
Version Numbering
Version components:
{major}.{minor}.{bugfix}[-{stage}.{level}]
- {major} = Major structural code changes and/or incompatible API changes (ie. breaking changes).
- {minor} = New functionality was added or improved in a backwards-compatible manner.
- {bugfix} = Backwards-compatible bug fixes or small improvements.
- {stage}.{level} = Pre-production release: dev < a (alpha) < b (beta) < rc (release candidate).
Repositories
Changelog / Release Notes
Version 3.5.0 (2024/09/28)
- New Features
- None.
- Improvements
- Improved PHP 'HTTP_HOST' and 'REQUEST_URI' server variable checks for command line execution.
- Bugfixes
- None.
- Developer Notes
- Updated
JsmForceSsl::force_ssl_redirect()
to use not empty() instead of isset().
- Requires At Least
- PHP v7.4.33.
- WordPress v5.9.