can this plugin be avoided?

If your entire site is setup to run https then this plugin is not really mandatory but some plugins can cause some insecure content warnings and I have found this plugin really helps with those.

I do have a few sites without this that work fine on https but I use only a few plugins on those.

Hope this helps!

Kevin

I’ve been using the plugin for quite some time, but lately, due to the comparability issues with the newer WordPress versions, I had to figure out a solution.

In my case, where I have access to the server WordPress is hosted on I ended up by redirecting all traffic from HTTP to HTTPS through the VirtualHost.

<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName domain.tld
    ServerAlias www.domain.tld

    RedirectMatch permanent ^/(.*) https://domain.tld/$1
</VirtualHost>

It solved my issue and everything runs fine without the HTTPS plugin.

Hi tbjornli
Interesting, but what do you think in multisite configuration ?

Don’t know about Apache. However, I’m running an Nginx server multisite (sub-directory) with individual (non-wildcard) ssl certificates for each domain without too many problems.

Had to put in strong redirect/rewrites to force https across each domain and had to create multiple server blocks in the nginx configs to direct each domain to its own certificate.

I’m getting ‘A+’ on SSLLabs test for each site with only occasional glitches due to WordPress database wonkiness and how it distributes plugins/uploads throughout the network (sometimes it uses the complete domain urls with sub-directories just to mess with me).

It’s takes time, lots of freakin’ time. And patience–don’t forget patience.

Good luck,
Chad

BTW, I had never heard of the plugin before today–stumbled across this post looking for other CDN related issues.