As the internet moves toward a more secure web and Chrome and Firefox start to increasingly make insecure websites more and more obvious, it makes it more and more important to make sure your website is on the right side of the SSL line.
We have turned to Really Simple SSL
It is really simple and it takes care of the redirects and also the mixed content issues (when you have content that is both SSL and non SSL)
What does it do?
- It handles most issues that WordPress has with SSL, like when you’re behind a reverse proxy/loadbalancer, or when no headers are passed which WordPress can use to detect SSL.
- All incoming requests redirected to https. It defaults with an internal redirect, but can be done as a .htaccess redirect.
- Both site url & home url are changed to https.
- Insecure content is fixed by replacing all non ssl http:// urls with https://, except links to other domains. It\’s done on the fly, so no database changes are made (except for the siteurl and homeurl).
With AutoSSL now on most hosts, it makes sense to do this final step to make you site secure