Volixta SSL & Security Headers

开发者	volixta
更新时间	2025年10月4日 07:45
PHP版本:	7.4 及以上
WordPress版本:	6.8.3
版权:	GPLv2 or later
版权网址:	版权信息

下载

1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5

详情介绍:

Is your WordPress site still serving pages over HTTP instead of HTTPS?\ Do you see browser warnings like "Not Secure" even though you installed SSL?\ Are you getting mixed content errors in Chrome or Firefox after enabling HTTPS?\ Or is your Site Health report complaining about missing security headers? 👉 Volixta SSL & Security Headers fixes all of these in a few clicks. Easily activate SSL, force 301 redirects, repair mixed content, and add recommended WordPress security headers like HSTS, CSP, and X-Frame-Options. 🔐 What does Volixta do?

Activate SSL automatically: safely update your WordPress home and siteurl to use https://.
Force HTTPS with 301 redirect: adds a safe .htaccess block on Apache/LiteSpeed, or falls back to a PHP redirect if needed.
Fix mixed content: scans your posts, postmeta, and options for http:// links and replaces them with https:// (serialization-safe).
Apply modern HTTP Security Headers: HSTS, Content-Security-Policy (upgrade-insecure-requests), X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP. All values are editable before applying.
Nginx friendly: when .htaccess is not available, Volixta shows ready-to-use Nginx snippets for redirects and headers.
Site Health integration: new tests for SSL validity, HTTPS redirect, and security headers presence.

✅ Why choose Volixta?

Safe by design:\ Nothing is applied automatically. You choose what to enable. Each .htaccess write creates a timestamped backup.
Serialization-safe mixed content fixer: no risk of breaking complex data in postmeta or options.
Admin-only: no runtime overhead on the frontend (except optional PHP redirect).
Localhost aware: detects local environments (localhost, .local, .test) and shows guided instructions with mkcert.

🔎 Typical problems solved

“How do I activate SSL in WordPress?”\ → One click in Volixta updates your site to HTTPS safely.
“How do I force HTTPS with 301 redirects?”\ → Volixta inserts a safe .htaccess 301 redirect or a PHP fallback.
“My Site Health report says ‘No security headers detected’.”\ → Apply missing security headers (HSTS, CSP, X-Frame-Options, Referrer-Policy, etc.) in one click.
“How can I add WordPress security headers without editing code?”\ → Use Volixta’s panel to configure and apply headers safely.
“After enabling SSL, my site still shows mixed content errors.”\ → Run the Mixed Content Scan + Fixer to repair unsafe links automatically.
“I’m on Nginx, so .htaccess doesn’t work.”\ → Copy/paste the Nginx-ready snippets Volixta provides for HTTPS redirects and headers.

安装:

Upload to /wp-content/plugins/ or install directly from the directory.
Activate the plugin.
Open Volixta SSL & Security in the admin menu.
With a valid SSL certificate:
Click Activate SSL (updates WP URLs to https://).
Click Enable HTTPS Redirect (tries .htaccess, otherwise PHP fallback).
Click Apply Security Headers (safe .htaccess block with backup).

屏幕截图:

升级注意事项:

1.0.0 Review headers configuration before applying. A backup of .htaccess is always created.

常见问题:

Does it modify .htaccess?

= How do I activate SSL in WordPress? =\ Open Volixta → click Activate SSL. The plugin updates your WordPress and Site URL to use HTTPS, then you can force 301 redirects to ensure all traffic goes over SSL. = How do I add security headers in WordPress? =\ Go to Volixta → Security Headers panel → select headers (HSTS, CSP, X-Frame-Options, Referrer-Policy, etc.) → click Apply. Volixta safely writes headers to .htaccess or provides Nginx snippets. Yes, but only when you click an action. Blocks are wrapped clearly:

# BEGIN Volixta HTTPS Redirect
# END Volixta HTTPS Redirect\ A backup .htaccess.bak-YYYYMMDD-HHMMSS is created each time.

Will it work on Nginx?

Yes. .htaccess is Apache/LiteSpeed only, but Volixta shows ready-to-copy Nginx snippets for redirects and headers. The HTTPS redirect can also use PHP fallback.

Does it slow down my site?

No. Everything runs only in the admin panel. On the frontend, only the optional PHP redirect adds minimal overhead.

Can I use it locally?

Yes. Local environments are auto-detected. Volixta shows a “Local HTTPS” section with instructions to set up a trusted certificate using mkcert.\ No .htaccess or redirects are applied on localhost.

Where are settings stored?

Only a few options in wp_options:

Headers configuration
PHP redirect flag
Last mixed-content scan result

更新日志:

1.0.5

Updated readme.txt

1.0.4

Tested up to: 6.8.3

1.0.3

Tested up to: 6.8.3

1.0.2

Updated readme.txt (corrected description)

1.0.1

Updated readme.txt (improved description, SEO, FAQ)

1.0.0

Initial public release
SSL activation, HTTPS redirect (301)
Security headers with editable values
Mixed content scanner & fixer
Nginx snippets for headers/redirects
Site Health checks
Automatic .htaccess backups