WordPress.org

Support

Support » Plugins and Hacks » WP Security Scan doesn't respect ForceSSL mode

WP Security Scan doesn't respect ForceSSL mode

  • WP Security Scan, which doesn’t appear to have been updated for some time, does not respect WordPress’ Force SSL mode, which can be set in wp-config.php

    When the plugin is active, the connection is only partially encrypted, because WP Security Scan is ironically making insecure calls to external websites. Deactivating the plugin makes a WP admin instance (with no other plugins installed) go back to being fully encrypted when accessed.

    It’s kind of ridiculous that a security plugin isn’t compatible with Force SSL mode.

  • The topic ‘WP Security Scan doesn't respect ForceSSL mode’ is closed to new replies.