since CNNIC After the certificate issued by the sub-middle attack occurred in these events,SSL Connection and HTTPS Becoming more popular。This time we 'Use SSL to protect your login information, and background page"Into the recommended"SSL Everywhere”,Using global SSL encryption,Avoid disclosure of privacy caused by the user when accessing the page。And,According to the latest tutorial showing Google Webmaster among introduction,SEO is more beneficial to use https(Domestic forget it,However, Google's crawlers will reallyMore attention Https sites。)Other,Upgrade to Https,You do not need to Google Webmaster Tools, what did - support smooth upgrade,The only drawback is probably included in a short time will fluctuate。

Google supports smooth migration to the HTTPS
Google supports smooth migration to the HTTPS

Here,We would like to thank StartSSL™ ,If not, they,I'm afraid we have these small owners personal blog bloggers to miss the SSL。

due toFor this reason,Off the grid is not in use StartSSL a free certificate,But instead use concern Let’s Encrypt project,So you can easily get a personal certificate free。but,If you're like me is to throw in the blog Hosting,I thought you might needThis siteTo support virtual host cPanel and other background configuration。

How to apply for a certificate issue,Here Skip speak,In conclusion This article assumes that you have at least one valid signature certificate and the corresponding domain name。

HTTPS on that point had to talk things

HTTPS uses443portTo verify your links,Through SSL、TLS This low-level encryption technology to ensure that your connection is secure,Because the SSL protocol at this level IP,Therefore, to establish a secure handshake even exchange HTTP data has not happened,This leads SSL The domain name for itself signed certificate but you have a requirementIndependent IP address。but,Ruthless reality soon proved -IPv4 addresses will eventually be exhausted。Hosting emerged,At this time we are very fortunate we can have an independent domain name and space,But the IP address is shared

Web server to provide different services on the same site on the same IP ports through distinguish requests from different domains,This leads to a serious problem:“SSL certificate is bound to whom?"The fact is indeed difficult to support SSL Hosting,Believe it will lead to other domain names with IP prompt certificate under the incorrect。but,Now the mainstream browsers support a new protocol:SNI

Use SNI,It will allow the Web server to provide a separate certificate for each domain on the same IP。

So,If you want to bind multiple domains on one IP certificate,Or do you still use the Affordable Web Hosting,Wish to bind the certificate,Then you need to make sure your host can support SNI--Of course,For example, the current mainstream server NginxApache So has support,With the exception of the roll is IIS Seemingly still not supported。

As your browser,Safari、Chrome、Firefox and other well-known browsers already support,Point name is seemingly IE series 5678 Not so good。

All right,Grilled over background,We started operations:

Since the grid is still a drop virtual host configuration,Here we talk about howUse cPanel to open SSL:

one、Open SSL access support

Your login cPanel,If your virtual host support SNI technology(See service providers to not to force),Then you should be in cPanel panel "Safety"Classification find inside."SSL/TLS"Function buttons。

"Security" category in the "SSL / TLS"
"Security" category in the "SSL / TLS"

After clicking enter you will see a link to upload a public key and a private key binding domain,Upload turn into the,Then choose to bind the link in their binding domain "www"Can。(Here we must note,If you're using the same off the grid is a kind of certificate,Then you should not be eligible to sign pan-domain certificate,Naked domain should also not enough。)

After binding,Your blog should have been able to use to access the Https,but,Just the beginning。

two、Open access HTTPS 301 redirects

Careful you'll find at this time,While your site at this time to support the HTTPS access,But it seems you can also use HTTP to access,Taking into account the current search engines are included in your HTTP link,So if you do not do something, then I am afraid that this SSL certificate will be useless!

I hope you will be able to support space .htaccess ,If your blog, then opened the pseudo-static,That eighty percent of your space is supported。 :)

We use .htaccess File to add a 301 redirect (in fact, there are various other ways to migrate,But Google uncle officialRecommended use 301 redirects) All of the HTTP traffic using 301 redirects to HTTPS to top,of course,Thus there is a potential problem:Domestic Baidu and other search engine crawlers do not support HTTPS

I'm curious,Why in the world have advocated SSL Everywhere in the case of,China's domestic Internet environment or "expressly take the world",of course,This may also with that "Girl Friend Wall"...... It has a relationship (otherwise it will not harmony ah ~) so,We also separately for some of the domestic search engine crawlers about custom rules,If the detected UA their,Then allow them to access the HTTP traffic。

In your blog space www Directory (some may be public_html )under,turn up .htaccess file,Edit it,Fill in the following code inside:

correct,Considering the huge hard IE uncle,We have excluded 12345678,Let them properly due to visit HTTP roll bar,Various provinces warning worry。

three、Open enforce SSL login and background

Although there has been redirected entire station,But we might still be WordPress It comes with its own function opens,Compatible with a view to better experience - after all 301s。

Still found inside the root directory of your website,The document is to be modified config.php,Directly at the end of this file on a new line,Two additional lines of code:

four、Site Links Support

The main problem may be the picture,You attachments have been uploaded to the space marked for WordPress absolute link,And they are all properly properly written "http://”。usually,Is the need to replace it with the database,However, this method is a little dangerous,I am here to give you recommend another good choice:Using the code allows WordPress before loading attachments will be replaced by a link like! --after all,Only a matter of protocol,Followed by the path is not half dime relationship ~

(I hope you are using WordPress subtopics function ......)

Found under the current topic function.php file,EDITORS ',At the end of the code inside append the following code:

Other,In addition to this main accident,You also need to be concerned about the various stations within the chain of:

  • Edit "menu" among all "Custom Link" is a relative path;
  • modify"Set up"→"conventional"inner"Site Address"and"WordPress address"As HTTPS;
  • Other modifications absolute link address of its cheap hand written ......

Fives、Concerned about plug

Now,The last remaining issue:Plug compatibility

Yes, that's right! Not all plug-ins are compatible with SSL!(Especially domestic plug)

correct! CNZZ statistics on this, then you only need to modify our code can statistical,The HTTP to HTTPS to modify。But more commonly used domestic JiaThis Social sharing widget on the weak,You can only afford to spareDelete stop

Other,Before"I love boiled fish"Related Posts Plugin Development:WordPress Related Post,Later sold to foreigners,Always loads a link outside the station,Today also because Girl Friend Wall This problem led to a variety of chrysanthemum js script,I had decisivelyDelete stop

You can use any browser,Open your blog page not open after an article,Select similar "Inspect Element"Operation,Check the error can be:There is no requirement for any red error,Yellow warning "⚠️" can be ignored。

Remove the plug on that function how to do?

Of course, is to find a replacement plug,As for the two plug-in here,Two plug-ins recommended route:

  • anyShare It is a very simple and functional lightweight social sharing widget,Button is relatively large (you can see the end of this article later style),Although it has not been updated for 10 months,But I assure you that this stuff is absolutely compatible with the latest version of WordPress and perfect function。:)
  • Yet Another Related Posts Plugin This is another related article plugin,And could not stand the annoying external link,Functional free version enough,And the sameSupport RSS,And now it's configuration interface is no longer so daunting,correct! Although it is also compatible with the latest version is prompted not - but I guarantee,This same thing is functioning properly -

At last,You can go to this page to reference cells are used in which fallingMad pull cool hanging WordPress plugin,These plug-ins will be at leastSSL compatible

 


 

This time,Your blog should have been able to show a perfectLittle gray locksLa!

Ugh? ! Why gray? Contentment,Jiang Zi is a Class Certificate,Want GreenpleasePay

correct,in Chrome Under the green,but Safari Comparison pick,Is gray ~

Another:If your blog contains a link to a non-HTTPS under the same domain name,Chrome will be a yellow warning triangle,The Safari is not the same as an ordinary link the address bar displays a small lock

Published by R0uter

The non-declaration,I have written articles are original,Reproduced, please indicate the link on this page and my name。

Join the Conversation

68 Comments

Your email address will not be published. Required fields are marked *

    1. Possible! Direct line and database risky,Relatively dynamic change link is more convenient (for example, a day without ssl (although unlikely ......
      In short,There can afford it can also directly replaces the clatter,Ye also more convenient performance。

  1. do not know why,After installing the default wordpress,https also configured the,Just https automatically jump to http,do not know why

  2. After reading the blogger wrote in great detail,anyShare this plugin I did not feel easy to use Baidu Share,Just need to be able to get a piece of code does not require plug-ins。I am ready to blog with https ah,Free ssl Whose Vorthong Let's Encrypt and two of good?

  3. Gangster ask questions,

    I turned green lock,But if the person Link is not HTTPS time,This page will show gray,Suggesting illegal HTTP resources,This connection is not connected to the site,JS is not a picture of what resources,He is a pure connection。How to do?

    1. Is such that,If your site is https,The inside offers an http link,Then the browser will think that your page is unsafe。One approach is to provide https,Another thing that is removed。Or whether he。

  4. Seven cattle used by the plug,After using https,Thumbnail image or local,But the http,How to deal with?

    /* Replace Image links with https */
    function my_content_manipulator($content){
    if( is_ssl() ){
    $content = str_replace(‘http://www.logcg.com/wp-content/uploads’, ‘https://www.logcg.com/wp-content/uploads’, $content);
    }
    return $content;
    }
    add_filter(‘the_content’, ‘my_content_manipulator’);
    This can not afford to replace thumbnail images

    1. This is a general trend,Now a variety of key script lot,Even my service provider provides one-click deployment capabilities for the user space!

      But be careful to choose the right vendor to issue certificates,For example, let's encrypt pretty good,Other free or inexpensive manufacturers,But be careful not to use startssl and wosign Vorthong,The two notorious。

  5. Safari is the only strategy for the EV green,And there is next to a small green lock Company Name。
    Green is the prerogative of the company name EV Certificate,ch will use the green bar shows the name。When only ch in a web page not to load http resources are green lock

    1. Yes,ev certificate too expensive,So difficult to obtain。General Certificate of nature is a small gray lock,While other browsers it to face,The lock on the green。As you said ch ............ I really do not know what is ah ..................

    1. "due to this reason,Off the grid is not in use StartSSL a free certificate,But instead use concern Let's Encrypt project,So you can easily get a personal certificate free。but,If you're like me is to throw in the blog Hosting,I thought you might need this site to support virtual host cPanel and other background configuration。"I really updated:)

          1. 1 This is my vps always been cheap so no panel,amh own installed QAQ second….I am a student busy + = lazy cancer require automatic renewal…So I spent a morning to get that thing….The official asked people not willing to say this stuff to get the module or manually make things right….Achievements are forced out QwQ wronged me,But I do not say..

  6. I have a lot of sites do not support https widget,So Xiangnong https forced to jump to the http,It is not to be against the way of thinking process Rewrite?>There is not deleted
    RewriteCond %{HTTP_USER_AGENT} !MSIE/[1-8]\. [NC]
    This line, it would have to make IE full range uncle also abide by the rules?Thank you -
    ps:Had intended the whole station with https is so specifically to green locks and information display buy ssl,Now found…With no eggs = = really do not buy

    1. Ha ha ha ~ ~ really,Our individual users, then buy ssl certificate useless,I now use the free encrypt everywhere,As long as a month to update。If you want to turn, jump ...... please do not write the rules to。Because the default browser will go http,If you have so ...... indeed as you say,These in turn rewrite ......
      But I think it,Acquiescence Jiuhaola。

      At last,Can https,Or https,Thus the reader is responsible for。

      1. https is certainly good,But what plug-ins do not support what is also loaded with a bunch of red cross out…Big head it
        And before did not change when the site has been using https,But now with https access, then it will be wrong to jump to http want to force this case under the care added favorites……
        (On the importance of the ability to make changes to the plug-in…)

        1. For plug-in,My attitude is changing and not changing,Not powerless but people want to upgrade。You worked so hard to change the,People all over the back upgrade。Https support for a function with the plug-in is very easy to do ah。
          But if too lazy to debug,That's just not it ~ http little green lock,He looked panic panic:)

          1. QAQ problem is that some streets are not plug-and over some degree .. rare high degree of understanding and then change to a lot of trouble….
            Plug-in, then I have had a lesson so basically handy…Do not upgrade…
            As for the green lock?ps not like a ╮(╯▽╰)╭(joke)
            But now think about or have a better point lock….Ok….Workers have to stay up late to catch the
            Then ask Let's Encrypt Authority X1 and Let's Encrypt Authority X3 different from you….

          2. 1234They have their own different purposes,For example, the number 4 is a disaster recovery,Usually not applicable。12In front of several generations of certificate,Should not be used,But if you want to be compatible xp,You would need to use x1;Usually used,,It is to use 3.

    1. I find that you like to use seven cattle cdn accelerated to give blog,Then you need to go seven cattle configuration page for the link https rather than normal http link。To use the seven cattle https link,You may need to keep your account balance is greater than seven cattle 10 yuan and the real-name authentication:)

    1. I deleted because this thing is useful for off grid is not too big,Off the grid in accordance with current views view,Open the memory is occupied point where nothing needs so much ~ concurrency? There is enough static cache。

      1. # BEGIN WordPress

        RewriteEngine On
        #RewriteCond %{HTTPS} !^on$ [NC]
        #RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
        RewriteBase /
        RewriteRule ^index.php$ – [L]
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /index.php [L]

        # END WordPress
        Rules above,But can not access,Ali cloud hosting,Will bloggers have encountered this problem?

        1. It is said that the number of domestic vps little problem,But this I can not really help you,I have little knowledge of this is:) So I did not press you wrote,I have not encountered this problem ~

    1. Thanks for sharing。WordPress plug-ins as possible can not to do it。Of course, according to their actual situation to be,Additional links https://meirishou.org,Just finished the whole。not bad!

  7. I used Vorthong certificate,Now all the pages are hppts,But enter the URL to automatically access is hppt,Points will be back next logo hppts,And hppt landing is no reaction to hppts login status is only 。。。。Is there any way to solve it,I did a few days Baidu tutorial