After Updating Multisite To Latest Really Simple SSL

Hi Greg,

do you know what previous version of Really Simple SSL you were using before updating?

We have made added an extra check to the class-multisite.php in the free plugin to counter this issue. Can you try to replace the current class-multisite.php in your Really Simple SSL plugin folder with the new one here: https://github.com/rlankhorst/really-simple-ssl?

If that doesn’t work you can try to comment out the lines that check the admin and site protocol one by one (the three lines 37, 38 and 39) to see if any of these are responsible for this.

Mark

@markwolters

Thanks for this. I have done the file replacement and test to enable networkwide.

This happened (which is somewhat strange):
https://www.screencast.com/t/xqIzIDr7ut (4 min video showing you)

I thought to let you know about this first beforehand.

Perhaps adjusting the code a bit to be sure it is not redirecting back to github first before proceeding?

Let me know your thoughts?

FYI, I disabled via FTP for now on the network.

??

Greg

Hi Greg,

Thanks for your comprehensive description of what happened ??

I just tried it myself, without any problems, so I suspect you might have copied some HTML from Github as well. Did you try copying the file contents in raw mode, than replacing the file contents?
Here’s the raw file
https://raw.githubusercontent.com/rlankhorst/really-simple-ssl/master/class-multisite.php

Let me know if this helps!

@rogierlankhorst

Yea. I did save as the .php file to download and replace before. I just tried the RAW code to replace just now. This time get the same thing as the original post FYI https://www.screencast.com/t/Cv1LbHsHy9

I will try commenting out next . . . if you think of anything else let me know.

I do now sometimes test environments sometimes do not work exactly like some real world ones.

First time in years having this issue.

My last version I had before this I think was just the last prior version (I think but not 100% sure) FYI too.

I have to deactivate it from the FTP for now (it is working on a non-primary subsite FYI though). It is the primary network site that is doing this.

??

Greg

Will update later . . .

@rogierlankhorst

followup from last post . . .

https://www.screencast.com/t/JiiYgUNAxq This 3 min video show you what was done to get the network dashboard and primary site dashboard to work again after network activated FYI (had to comment out those two lines on the NEW file you sent) on my particular setup/installation.

1. Will the next update prevent that from happening again somehow?

2. I asked another question in the video about network activating as well. Could you let me know on that too?

3. Not on the video above, but another question is that even though it is network active now, how may I still HIDE the SSL options on all subsites dashboards by default unless I want a particular subsite to see the SSL options? This will avoid a lot of people messing around with those options when they should not etc.

Any other info you can think of?

??

Greg

• This reply was modified 7 years, 1 month ago by truebird.
• This reply was modified 7 years, 1 month ago by truebird.
• This reply was modified 7 years, 1 month ago by truebird.
• This reply was modified 7 years, 1 month ago by truebird.

Hi Greg, thanks for the feedback.

First, I think I need to explain why this filter is there. WordPress will return a site_url or home_url always with the protocol you are currently on. This means, that if you are on SSL, and you click a link on network admin to on of your sites that is not on SSL, WordPress shows a https link. As a result, that link does not work.

To remedy this, I have added these filters: if the site where you are retrieving the URL for has a http URL, Really Simple SSL will return a http URL here.

This means that the site you were looking at was having a http URL, which normally should not happen.

I would like to address this issue of course. In the previous edit, I had made an adjust where this filter was not applied for the current blog. But I can imagine this won’t apply to the network admin. so I have made one more adjustment, where the home_url and site_url filter is not applied when you’re looking at the back-end at all.
https://github.com/rlankhorst/really-simple-ssl/blob/master/class-multisite.php

Maybe you could check if this is working for you.

As this issue only pops up when the site you’re looking at does not have a https URL, it is a bit of an edge case, but I’d like to resolve this problem of course!

Hopefully this edit does the trick.

As for your last question: when you enable SSL, the site_url and home_url for those sites will be changed to https, and a redirect is enabled. Nothing else is changed in the database: those URL’s are all fixed with the dynamic mixed content fixer. As a consequence, you can always deactivate SSL again.

If you have any questions, let me know.

@rogierlankhorst

Cool.

I will test it and let you know.

For this:
”
As this issue only pops up when the site you’re looking at does not have a https URL, it is a bit of an edge case, but I’d like to resolve this problem of course!
”

Well the primary site was and is https the whole time with a certificate applied. You mentioned, “. . . this issue only pops up when the site you’re looking at does not have a https URL . . . ” I just wanted to be sure you knew that it was doing it with the primary site that has always been https. Did you realize that already? Just making sure . . . or maybe I am misunderstanding this one.

Thanks!

??

Greg

Greg, I just wanted to say, I really appreciate your efforts in this. That is really helpful for me. Because of what you said about the site URL being https I ran some tests with that, and possibly found the cause.

This is the URL that is being retrieved:
$home_url = get_blog_option($blog_id, 'home');

The filter passes the blog_id. Because I never found any issues in the tests, I never noticed this, but for the current site, the blog_id is empty. So I have now added this:
if (!$blog_id) $blog_id = get_current_blog_id();

Which should prevent unexpected http URL’s popping up in this check.

I’ve just now comitted this, I would appreciate it very much if you could check this latest change. Sorry for all the updates, I was thinking in the wrong direction. Hope this one resolves this!

https://raw.githubusercontent.com/rlankhorst/really-simple-ssl/master/class-multisite.php

Here is a report back (2 min video) https://www.screencast.com/t/GLEnXnZAJq Lookin good and here is what happened . . .

Last question I think (related to the Network enabling):
Another question is that even though it is network active now, how may I still HIDE the SSL options on all subsites dashboards by default unless I want a particular subsite to see the SSL options? This will avoid a lot of people messing around with those options when they should not etc.

I have network activated before but then some people would see that setting and try to randomly enable SSL when they do not have certificates and not equipped.

It would be nice to have a setting in the Super Admin section to set to either default HIDE SSL on all sites or default SHOW. If default HIDE, then have a what to only select the subsites we allow the settings to show up on so subsite admins do not mess with these sensitive options. Thoughts?

??

Greg

Hi Greg,

on the plugin settings on the network admin page there is an option to ‘Hide menu for subsites’. This should hide the SSL menu for all subsites and thus stop people messing around with it.

Currently the plugin doesn’t have the option to select on which subsites to show the menu and on which not to show it. This is something we can possibly add to the plugin. I have put it on the to-do list. Thanks for the feedback.

Mark

Great. That would be nice if you could add that in network super admin area.

Hey Mark ( @markwolters )

Seems to be ok so far. However, I have the SSL Multiste Network activated now. I enabled SSL via a specific subsite(via the per site basis) and it worked perfect. But now I need to disable the SSL only on that same subsite completely temporarily (i.e. I need it to be http only for now again). I don’t see a way to disable it on the subsite though at all. See here https://www.screencast.com/t/JhDeh9Em1Qwt How can I disable SSL on only a single subsite after it has been enabled? Having a button to do this would be great as well for convenience if you can add that ability in a future update?

Anyhow, how can I get this done now?

??

Greg

• This reply was modified 6 years, 12 months ago by truebird.

Hi Greg,

This is already a feature of the pro multisite plugin, but you can achieve this with some code, which you can put in your theme’s functions.php (replace the blog_id with your actual blog_id)

   add_action('admin_init', 'rsssl_deactivate_blog', 70);
    function rsssl_deactivate_blog()
    {
        //enter your blog_id here:
        $blog_id = 3;
        switch_to_blog($blog_id);
	RSSSL()->really_simple_ssl->deactivate_ssl();
        restore_current_blog();
    }