Апісанне

Flex SSL is a lightweight WordPress plugin designed to secure your website by enforcing HTTPS across your entire site. Key features include:

Force HTTPS: Automatically redirect all HTTP requests to HTTPS.
Auto-Update URLs: Change WordPress site and home URLs from HTTP to HTTPS.
Cloudflare/Proxy Support: Detects HTTPS headers from Cloudflare or other reverse proxies to avoid redirect loops.
Security Headers: Optionally add HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy. Force SSL Admin when HTTPS is in use.
Mixed Content Fixer: Corrects HTTP to HTTPS in content, excerpts, thumbnails, scripts, styles, content_url, and home_url.
SSL Status: View current SSL status and certificate expiry date.
Redirect Options: Choose between 301 (permanent) and 302 (temporary) redirects.
Logs & Reports: Monitor changes and events in a log system.
Let’s Encrypt Integration (Coming Soon): Plan to automatically generate and renew SSL certificates.

License

Flex SSL is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.

For more details, see https://www.gnu.org/licenses/gpl-2.0.html.

Screenshots

General Settings – Configure SSL, force HTTPS, and update site URLs.
Security Settings – Enable mixed content fixer, HSTS, and other headers.
SSL Status – View if SSL is enabled and check certificate expiry.
Redirect Settings – Select 301 Permanent or 302 Temporary redirects.
Let’s Encrypt (Coming Soon) – Placeholder screen for upcoming functionality.
Logs – View and clear recent logs.

Ўсталёўка

Upload the flex-ssl folder to your /wp-content/plugins/ directory or install via the WordPress plugin installer.
Activate the plugin through the WordPress admin.
Navigate to the Flex SSL settings page from the admin menu.
Configure the desired settings:
- Enable SSL.
- Force HTTPS.
- Auto-update WordPress site URLs to HTTPS.
- Enable security headers and mixed content fixer.
(Coming Soon) Use the upcoming Let’s Encrypt integration to generate SSL certificates automatically.

Часта задаваныя пытанні

Does Flex SSL work behind Cloudflare?: Yes. Flex SSL supports reverse proxy configurations including Cloudflare’s Flexible and Full SSL modes by detecting proxy headers.
Do I need to modify wp-config.php?: No. Flex SSL is designed to work out-of-the-box without requiring changes to wp-config.php.
How do I generate an SSL certificate?: Let’s Encrypt integration is marked as “Coming Soon.” Future versions will allow you to generate and renew SSL certificates directly from the plugin.
What happens if SSL is not installed on my server?: The plugin detects SSL availability and will disable features if no certificate is found. A notice is shown in the settings area to guide you.

Водгукі

На гэты плагін няма водгукаў.

Удзельнікі і распрацоўшчыкі

“Flex SSL” is open source software. The following people have contributed to this plugin.

Flex Plugins

Перакласці “Flex SSL” на вашу мову.

Зацікаўлены ў распрацоўцы?

Праглядзіце код, праверце SVN рэпазітарый, або падпішыцеся на журнал распрацоўкі па RSS.

Журнал змяненняў

1.0.8

WordPress.org compatibility: Tested up to 6.8.
Ensure all output strings use esc_html, esc_attr, esc_url (Recent Logs, Clear Logs, About link, nav-tab class).
uninstall.php and index.php already present (confirmed).

1.0.7

UX: Added labels for all checkboxes (accessibility).
UX: Added short help text for Update Site URL, HSTS, WooCommerce Safe Mode, and other options.
UX: SSL certificate expiry now shows relative text (e.g. “Expires in 30 days”).

1.0.6

Added load_plugin_textdomain for i18n (plugins_loaded).
Added index.php in plugin root for security.
Added uninstall.php to remove options on uninstall.
Replaced Clear Logs location.reload with wp_safe_redirect (handler moved to admin_init).

1.0.5

Fixed tab redirect after save: add flex_ssl_active_tab and flex_ssl_nonce hidden fields to forms; use wp_redirect filter.

1.0.4

Mixed Content Fixer: Extended to the_excerpt, post_thumbnail_url, script_loader_src, style_loader_src, content_url, home_url.

1.0.3

Performance: Cache is_ssl_available() result (1 hour transient) to avoid repeated socket connections.
Performance: Site URL updates run at most once per 24 hours; transient invalidated when option is changed.

1.0.2

Security: Validate Host header to prevent header injection (redirects, SSL checks).
FORCE_SSL_ADMIN is now optional and only set when SSL is in use.
Removed deprecated X-XSS-Protection header (modern browsers deprecate it).

1.0.1

Fixed option typo: flex_ssl_flex_ssl_woo_safe_mode renamed to flex_ssl_woo_safe_mode.
WooCommerce Safe Mode now respects the setting (was always redirecting).
Fixed logs option: custom sanitizer for array storage (was incorrectly using wp_kses_post).
Added Logs tab to settings page (logs_settings existed but tab was missing).

1.0.0

Initial release of Flex SSL.
Force HTTPS on front-end.
Auto-update site URLs to HTTPS.
Cloudflare and reverse proxy support.
Security headers and mixed content fixer.
SSL status and logs.
(Coming Soon) Let’s Encrypt integration for automatic SSL generation.