SSL Insecure Content Fixer now with more fixes

Posted

SSL Insecure Content Fixer v2.0.0 has just been released. It now does content fixes as well as script and stylesheet fixes. It also handles HTTPS detection behind reverse proxies.

There are now five levels of fixes for mixed content: Simple, Content, Widgets, Capture, and Off. Simple is the same as the previous versions of the plugin, and Content, Widgets, and Capture fix problems in the content of the website to varying degrees. Off is supported for when you’re diagnosing problems, as well as a useful default setting on multisite installations. Check out the documentation for more details.

Reverse proxies can often complicate HTTPS in WordPress. I wrote a blog post about that back in February 2013. I’ve added an HTTPS detection setting to SSL Insecure Content Fixer to make the whole problem easier to diagnose and solve. It takes a quick peek at your website environment and makes a recommendation, so you don’t have to be an expert to get the setting right.

There’s been some chatter recently about the WooCommerce + Google Chrome HTTP_HTTPS bug. This Stack Exchange answer provides some good background (especially on why this isn’t Google Chrome’s fault). Fortunately, WooCommerce released v2.3.13 to fix that bug, and Google Chrome has changed its header so it doesn’t affect old sites. Unfortunately, lots of websites won’t be upgrading WooCommerce any day soon, and some people don’t have automatic updates enabled for Google Chrome. So I added a fix for it — it’s enabled by default, but you can disable it in the settings if you prefer.

Multisite also gets some love in this release. I know that some multisite admins like to network-enable SSL Insecure Content Fixer as a catch-all for their sites. I also know that they don’t want single-site admins poking around in the is_ssl() test tool and opening support tickets for problems unnecessarily. This release now only gives super admins the test tools on multisite, and allows you to set network-wide defaults for the fix levels and proxy settings.

You can update to version 2.0.0 from your WordPress plugin admin page. Here’s the full changelog for SSL Insecure Content Fixer.