Wordpress on SSL
- SEO considerations when moving from HTTP to HTTPS
- Moving your website to SSL - tips & tricks
- HTTPS Mixed Content: Still the Easiest Way to Break SSL
Fix HTTPS Mixed Content
Fix internal links
If the images or scripts are located on the same domain, you can access them relatively, rather than absolutely.
Fix external links
Relative protocol - change http:// to only // if supported by
external host. Using this method, the browser will know that it must
load the image securely if the web page is being loaded securely but it
will also load the image normally if the page is not being accessed
securely.
Change Assets from HTTP to HTTPS by using external URL’s without protocol prefix, as explained here
Automatic fix
We can use some plug-ins for the same purpose.
WordPress HTTPS plugin does exactly that, and we used it on muypotente.ch site.
WordPress GUID’s
The term “GUID” stands for “Globally Unique Identifier” and is primarily used for RSS readers. They are supposed to be unique identifiers so RSS feeds don’t republish the same content over and over again.
A post or page GUID is always in the same format:
- for a post:
example.com/?p=N - for a page:
example.com/?page_id=N
Important GUID Note Don’t use the GUID field. Ever
Note on inserting images in Wordpress
Q: Images are inserted into a post using their absolute URL, rather than a relative one. This seems short-sighted.
A: Images can be made root-relative by editing the path when you insert them. If you need to change old images, backup your database and do a search-replace.
Tools to detect mixed content
-
Great plugin that logs all mixed-content is called HTTPS Mixed Content Detector *
-
SSL-check will crawl your HTTPS website and find unsecure content
Wordpress administration on SSL
You can read about it on Codex
More tools:
PhantomJS crawler written to detect Mixed Content bramus/mixed-content-scan spinkham/skipfish
How do I fix the SSL Mixed Content Error Message? – CloudFlare Support