I'm not sure which plugin will be easier to fix this problem.
But I'm using WordPress HTTPS so that I can have ssl encryption for admin activities. I'm using a shared ssl for encryption, which means that the domain name being used is different than the non-ssl traffic. This works fine.
To be clear, the non-ssl domain name is "commercialfuelsys.com". The ssl domain name is in the form of "other-domain-name.com/~user/"
Wordfence also works fine, but when I try to click on the links in its scan results, it uses https with the non-ssl domain name. Is there a way to disable the https in these wordfence links? or, is there a way to get it to use the correct shared ssl domain name from "WordPress HTTPS"?