SSL Insecure Content Fixer

Wordpress Plugin
Download latest - 2.7.2

Developers

webaware

Download Stats

Today 4,961
Yesterday 6,969
Last Week 37,348
All Time 918,034
Banner 772x250

Clean up your WordPress website's HTTPS insecure content and mixed content warnings. Installing the SSL Insecure Content Fixer plugin will solve most insecure content warnings with little or no effort. The remainder can be diagnosed with a few simple tools.

When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.

WordPress Multisite gets a network settings page. This can be used to set default settings for all sites within a network, so that network administrators only need to specify settings on sites that have requirements differing from the network defaults.

See the SSL Insecure Content Fixer website for more details.

Translations

Many thanks to the generous efforts of our translators:

  • Bulgarian (bg_BG) -- the Bulgarian translation team
  • Chinese simplified (zh_CN) -- the Chinese translation team
  • English (en_CA) -- the English (Canadian) translation team
  • English (en_GB) -- the English (British) translation team
  • Dutch (nl_NL) -- the Dutch translation team
  • German (de_DE) -- the German translation team
  • French (fr_FR) -- the French translation team
  • Italian (it_IT) -- the Italian translation team
  • Japanese (ja) -- the Japanese translation team
  • Russian (ru_RU) -- the Russian translation team
  • Spanish (es_ES) -- the Spanish translation team

If you'd like to help out by translating this plugin, please sign up for an account and dig in.


Releases (30 )

Version Release Date Change Log
2.7.2 2018-12-04
2.7.1 2018-11-21
2.7.0 2018-06-30
2.6.0 2018-05-08

no longer sets a cookie on test or settings pages; fixes Gravatars with insecure content; support for sites that can't update PCRE beyond 7.2

=
2.5.0 2017-11-23

support for https detection on KeyCDN; option to only fix content resource links for the current website; .htaccess rules file for non-WP test script now supports Apache v2.4

=
2.4.0 2017-05-14

don't capture content on admin pages when mode is Capture or Capture All; added filter for disabling Capture modes

=
2.3.0 2017-05-01

added support for Windows Azure with ARR; added filter for domains that can be excluded from content cleaning

=
2.2.3 2017-01-31

fix Visual Composer and Theme Fusion Builder crashes; add Capture All mode and stop Capture mode affecting AJAX requests

=
2.2.2 2017-01-21

case-insensitive protocol header tests; support Amazon CloudFront CloudFront-Forwarded-Proto header; clean up responsive image srcset links to external images

=
2.2.1 2016-11-19

improve accessibility of admin pages

=
2.2.0 2016-10-10

stop WooCommerce cached widgets from http showing on https; fix Gravity Forms confirmation content

=
2.1.6 2016-07-28

fix malware warning with GOTMLS vulnerability scanner

=
2.1.5 2015-12-25

translations no longer in zip file; now delivered automatically as language packs when required

=
2.1.4 2015-12-03

fix inline CSS background image rules, e.g. in Capture level; French translation; support SSLFIX_PLUGIN_NO_HTTPS_DETECT

=
2.1.3 2015-10-08

added: Chinese (simplified) translation

=
2.1.2 2015-09-05
  • fixed: HTTPS detection for host 123-reg

=
2.1.1 2015-08-11

= 2.1.0 =

  • security fix: restrict access to AJAX test script; don't disclose server environment with system information
2.1.0 2015-07-30
  • security fix: restrict access to AJAX test script; don't disclose server environment with system information

=
2.0.0 2015-07-26
1.8.0 2015-04-27

[2014-02-02] = * changed: use script/style source filters instead of iterating over script/style dependency objects * changed: only handle links for wp_get_attachment_image(), wp_get_attachment_image_src(), etc. on front end (i.e. not in admin) * changed: refactor for code simplification * added: fix data returned from wp_upload_dir() (fixes Contact Form 7 CAPTCHA images) * added: Tools menu link to is_ssl() test
1.7.1 2013-03-13

[2013-03-13] = * fixed: is_ssl() test checks to ensure test page was actually loaded via SSL
1.7.0 2013-03-12

[2013-03-13] = * added: simple test to see whether is_ssl() is working, and try to diagnose when it isn't
1.6.0 2013-03-10

[2013-01-05] = * added: handle images and other media loaded by calling wp_get_attachment_image(), wp_get_attachment_image_src(), etc.
1.5.0 2012-11-10

[2012-11-09] = * added: handle properly enqueued admin stylesheets for admin over SSL
1.4.1 2012-09-21

[2012-09-21] = * fixed: handle uppercase links properly (i.e. HTTP://)
1.4.0 2012-09-13

[2012-09-13] = * added: fix for images loaded by Image Widget
1.3.0 2012-07-22

[2012-07-22] = * removed: fix for links-shortcode (fixed in v1.3)
1.2.0 2012-07-20

[2012-07-21] = * removed: fix for youtube-feeder; NB: v2.0.0 of that plugin still loads Youtube videos over http, so you will still get insecure content errors on pages with embedded videos until plugin author applies a fix.
1.1.0 2012-05-20

[2012-05-17] = * added: handle youtube-fixer
1.0.0 2012-04-21

[2012-04-19] = * initial release