I’ve never heard of anything like that in Wordfence, nor seen it. Agree that the “yet another plugin, sigh” syndrome is best avoided like the plague.
You might talk to your ISP about what is really required for your SSL, as well as being sure you change settings in the WordPress admin. In my case, all I have to do (along with changing URL to https in WordPress admin, is keep the following in my .htaccess file, nothing more, no plugins.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourwebsite.com/$1 [R=301,L]
Easy to test.
MTN
Hi pcskibum,
I would agree with mountainguy2 that the correct way to go about this is to redirect all http traffic to https via .htaccess. Then you will not risk getting in to any conflicts with plugins.
Don’t you have to buy a SSL certificate with your domain registrar first? I think it’s an additional 11 bucks/a year.
Yes, you need an SSL certificate to use SSL on your website. Usually it’s easiest if you ask your host to set it up for you.
Thanks for the advice everyone. I did update the .htaccess file as you suggest and it seems to work perfectly. That’s even easier than installing another plugin.
We already had the SSL certificate so that’s not a problem. By the way, we have been using the free certificates from Let’s Encrypt (https://letsencrypt.org/) and they work great. And they’re free.
