WordPress one of the most common and popular used CMS today, it is an amazing piece of software for making a simple website as well as a complex one. Today at techtaks we are talking about wordpress 5.7 update and its some new features, so let’s get started.
Until now, if you wanted to change your website from HTTP to HTTPS you had to do the following …
- Install an SSL certificate.
- Change the site and WordPress address from HTTP to HTTPS in the general WordPress settings.
- Force the entire web to load in HTTPS using plugins like Really Simple SSL, iThemes Security, Redirection, and others.
In fact, if you did not do it like that, with the 3 steps, you could have the false feeling that you already had your website in HTTPS when it was not like that, because the third step is fundamental, in fact vital.
That is, imagine that you have installed the SSL certificate, because the next thing was to go to the general settings of WordPress and change the URLs , which would be as HTTP, like this:
Because, if you just change the site url and WordPress to HTTPS , like this:
You might think that your website is already secure, and it only works on HTTPS, but it is not true.
Anyone could still browse the HTTP version of your website, just changing the URL and removing the “S” from it.
What’s more, all those links that previously existed in HTTP would still be HTTP , as you can see by inspecting the page.
What was missing from the process was to force the load over HTTPS .
To achieve this, up to WordPress 5.7, there were several possible ways :
- With a specialized plugin like Really Simple SSL, which made the changes for you and forced HTTPS.
- With the SSL tools of plugins such as iThemes Security or Redirection .
- Forcing HTTPS from wp-config.php and .htaccess .
But since this version, available since March 2021, they are no longer needed . Now you have in the health tool of the site a notice that informs you if your site works in HTTPS or not.
If you do not even have the SSL certificate installed, this notice will be displayed , informing you of the steps to follow to have it:
And if you already have the certificate installed, but still not changed the URLs or forced HTTPs, you will see this other message:
Well, if you press the button to update your site to use HTTPS 2 things happen:
- Site and WordPress URLs are automatically changed to HTTPS.
- All HTTP URLs are changed to HTTPS.
And your whole site will already work in HTTPS, without the need for plugins or codes .
An important functionality built into WordPress, important for several reasons :
- Comply with the RGPD regulation that obliges us to offer safe browsing on our website.
- Offer users safe browsing on our website or online store, protecting transactions.
- Improve SEO according to Google’s indications that it will reward secure websites, with HTTPS.
- Accelerate your website, since working in HTTPS is the only requirement for our website to use HTTP / 2 and HTTP / 3 if our hosting is compatible.