Deactivating plugin causes mixed content in SSL environment

  • Resolved Demian

    (@demian85)


    5 years ago

    Hello Team,

    I came across something strange with your plugin. Initially I used this plugin to force all contents to run over SSL, like anyone else. But then I figured out that my server has this option as well. So I enabled this.

    When you deactivate your plugin it showed some problems like mixed content for some plugins, because the site is running via https and some plugin file requests were now over http. This can happen.

    So I replaced all http into https via the database and everything was working normal. Then by mistake I activated the SSL plugin again, I deactivated it, and again some plugin content was running over http again. So I had to replace again these strings in the DB. (no changes were made between activating and deactivating, all in 1 minute).

    To me it looks like you let the plugin change certain strings during deactivation, it even is put between the brackets of the deactivation button. I hope you don’t do this for commercial use, that people think they need to activate your plugin again. I find this very odd behaviour. I hope you can explain this to us.

    Regards,
    Demian

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Mark

    (@markwolters)

    Hi Demian,

    The mixed content fixer in Really Simple SSL replaces string from https:// to https:// dynamically using PHP’s str_replace function. Deactivating the plugin will also revert your site- and homeurl to https://. Besides that, the plugin won’t make any changes to your database. If your site uses a theme or plugin that determines URL’s based on the site- and homeurl it’s possible that these resources load over https://. In the future, you can use the ‘Deactivate and keep SSL’ button in the Settings->SSL->Settings menu. That will deactivate the plugin while keeping your site on SSL.

    Let me know if you have any other questions.

    Mark

    Thread Starter Demian

    (@demian85)

    Hi @markwolters

    Okay that option for keeping SSL is a good one, I wasn’t aware of this. However, to me this should be default. As I wrote, the entire database was https and after activating and deactivating some content appears to be http, this is strange. I tested it now twice and it keeps behaving. I can resolve it as I know how to replace these strings in the DB, but for a less comprehended user this might be complex.

    Anyway, bedankt en succes!

    Demian

    Plugin Author Mark

    (@markwolters)

    Hi Demian,

    the reason the site reverts back to https:// when deactivating is to easily revert changes made by the plugin. We often see users activate Really Simple SSL without a valid SSL certificate. That can now easily be reverted by deactivating the plugin. Therefore we won’t make the default to stay on https://. Since the home- and siteurl are reverted back to https:// it is indeed possible some links appear as https://. Updating the home- and siteurl to https:// should solve this issue.

    Mark

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Deactivating plugin causes mixed content in SSL environment’ is closed to new replies.