发表新帖
发表新帖

Change all occurrences of “http” to “https” on a wordpress page

后端 未结
关注
8 1490
心在旅途
心在旅途 2021-02-04 19:33

I am in the process of implementing SSL on some of my wordpress-powered site\'s pages. Currently I\'m getting mixed content warnings on the secured pages - my custom theme inclu

相关标签:
8条回答
  • 野性不改
    2021-02-04 20:16

    Have you looked at the protocol-agnostic relative url prefix?

    E.g. if you have the following

    <img src="//myimage.png" />

    It will use whatever protocol the page is currently on. More info: http://paulirish.com/2010/the-protocol-relative-url/

    0 讨论(0)
  • 天命终不由人
    2021-02-04 20:17

    if you only want to make sure there is no mixed content when an HTTPS request is made, try adding simple code snippet to the "function.php" file of the current theme.

    function _bd_force_https()
{
    if ( empty( $_SERVER['HTTPS'] ) ) return;
    ob_start();
}
add_action( 'template_redirect', '_bd_force_https', 1 );

function _bd_output_https_page()
{
    if ( empty( $_SERVER['HTTPS'] ) ) return;
    echo str_ireplace( 'http://', 'https://', ob_get_clean() );
}
add_action( 'wp_footer', '_bd_output_https_page', 99 );

    PROS:

    • very lean, simple to add
    • does not use javascript/jquery

    CONS:

    • not a plugin so it will break when theme is changed
    • cannot intercept HTTP requests made by javascripts from the client side
    0 讨论(0)
  • 一向
    2021-02-04 20:17

    I think that you should be doing this on the server side, via setting a cookie or something like that instead of using JavaScript to handle such a potentially dangerous security hole.

    0 讨论(0)
  • 既然无缘
    2021-02-04 20:19

    Had this exact problem today, wordpress-https didn't work at all for me, caused my whole site to hang in my browser once I tried saving the settings. I found a much much simpler plugin that did the trick beautifully: http://wordpress.org/extend/plugins/ssl-insecure-content-fixer/

    As a side note, if you are running a reverse proxy like nginx like I am you'll need to follow the advice here: http://blog.netflowdevelopments.com/2013/04/10/fixing-this-page-includes-script-from-unauthenticated-sources-problem-with-ssl-wordpress-install-on-apachenginx-server/

    essentially putting this:

    if (stripos(get_option('siteurl'), 'https://') === 0) { $_SERVER['HTTPS'] = 'on'; }

    at the end of your wp-config.php file

    0 讨论(0)
  • 花落未央
    2021-02-04 20:23

    I think you should use a plugin like "WordPress HTTPS". There are too many edge cases that you should be aware of (like third party plugins you don't have control) and using a well stablished add-on like this one would be an interesting approach.

    WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites. Free support provided!

    0 讨论(0)
  • 深忆病人
    2021-02-04 20:26

    After all the other migration steps if you still get mixed-content:

    sudo apt-get install php5-cli
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
pushd /var/www/path/
php /path/to/wp-cli.phar search-replace 'http://example.com' 'https://example.com' --skip-columns=guid --dry-run

    if ok,

    php /path/to/wp-cli.phar search-replace 'http://example.com' 'https://example.com' --skip-columns=guid

    from: https://helgeklein.com/blog/2015/01/switching-wordpress-site-http-https/

    0 讨论(0)
 看不清?
提交回复
热议问题