Can this plugin be used as a permanent fix?

  • I think I may have misunderstood the purpose of this plugin. I thought it finds the insecure content AND changes it at the same time on the WordPress database.

    I’m not sure if I have the confidence to run a tool to go through the database and permanently change it.

    Can your plugin be used as a permanent fix even though it is not actually changing anything on the database? I understand that I would never be able to deactivate it if I do.

    I have also been advised to not depend on a plugin. What happens if this plugin is no longer supported in the future? Will this plugin remain actively supported? Will future versions of WordPress that require SSL still see my website as secure if I fix all the insecure content even though the actual database is not changed?

    Your advice is greatly appreciated.

    Thank you.

Viewing 1 replies (of 1 total)
  • Plugin Author webaware

    (@webaware)

    G’day lauritasita,

    This plugin can be used as a permanent fix if you leave it activated.

    Its original purpose was to correct badly registered scripts and stylesheets, which requires the plugin to be activated. I’ve since added new fixer modes that also fix things in content, widgets, and hard-coded into templates. All of this happens on-the-fly which means that on the one hand, the plugin must be activated to keep working, and on the other hand, it doesn’t make any changes to the website so it cannot damage the site. That last point means that if you have a problem with this plugin, you can simply remove it from the site.

    The advice to not depend on a plugin is generally good advice. If you are able to clean up all of the things that are causing your insecure content errors, then that is best for your website.

    This plugin isn’t going to disappear or stop working any day soon, however. I use it myself for websites I develop and maintain. I wrote it initially because there were plugins doing things badly, and I still find problems in plugins and themes today. I keep it maintained, testing it with every beta release of WordPress and major plugins before they get general release, so that I can make any necessary changes before changes in WordPress can impact sites using this plugin.

    The future of https on WordPress is likely to bring some fixes in the WordPress core that make this plugin unnecessary. Also, building websites on all-https from day one (no http pages) generally avoids insecure content problems. In my experience with insecure content, however, there will always be something that breaks the site, and this plugin will be there to clean that up!

    cheers,
    Ross
    (and happy new year, just over nine hours away for me now!)

Viewing 1 replies (of 1 total)
  • The topic ‘Can this plugin be used as a permanent fix?’ is closed to new replies.