WP Security Scan doesn't respect ForceSSL mode
WP Security Scan, which doesn’t appear to have been updated for some time, does not respect WordPress’ Force SSL mode, which can be set in wp-config.php
When the plugin is active, the connection is only partially encrypted, because WP Security Scan is ironically making insecure calls to external websites. Deactivating the plugin makes a WP admin instance (with no other plugins installed) go back to being fully encrypted when accessed.
It’s kind of ridiculous that a security plugin isn’t compatible with Force SSL mode.
- The topic ‘WP Security Scan doesn't respect ForceSSL mode’ is closed to new replies.