Volixta SSL & Security Headers

Description

Is your WordPress site still serving pages over HTTP instead of HTTPS?
Do you see browser warnings like « Not Secure » even though you installed SSL?
Are you getting mixed content errors in Chrome or Firefox after enabling HTTPS?
Is your Site Health report complaining about missing security headers?

👉 Volixta SSL & Security Headers fixes all of these in a few clicks.

Easily activate SSL, force 301 redirects, repair mixed content, and apply recommended WordPress security headers like HSTS, CSP, and X-Frame-Options.

🔐 What does Volixta do?

• Activate SSL automatically: safely update your WordPress home and siteurl to use https://.
• Force HTTPS with 301 redirect: adds a safe .htaccess block on Apache/LiteSpeed, or falls back to a PHP redirect if needed.
• Fix mixed content: scans your posts, postmeta, and options for http:// links and replaces them with https:// (serialization-safe).
• Apply modern HTTP Security Headers: HSTS, Content-Security-Policy (upgrade-insecure-requests), X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP.
• Nginx friendly: when .htaccess is not available, Volixta shows ready-to-copy Nginx rules.
• Site Health integration: checks for SSL, redirects, and security headers.

✅ Why choose Volixta?

• Safe by design
  Nothing is applied automatically. You choose what to enable. Each .htaccess modification creates a timestamped backup.

• Serialization-safe mixed content fixer
  No risk of breaking complex serialized data in postmeta or options.

• Admin-only processing
  Everything runs in the admin area. The frontend only uses the optional PHP redirect when required.

• Localhost aware
  Detects local environments (localhost, .local, .test) and provides instructions for enabling trusted HTTPS locally with mkcert.

🔎 Typical problems solved

How do I activate SSL in WordPress?
→ One click in Volixta updates your site to HTTPS safely.

How do I force HTTPS with 301 redirects?
→ Volixta inserts a safe .htaccess redirect or uses a PHP fallback.

My Site Health report says “No security headers detected”.
→ Apply modern security headers in one click.

How can I add WordPress security headers without editing code?
→ Configure and apply headers from the plugin interface.

After enabling SSL, my site still shows mixed content errors.
→ Run the Mixed Content Scan + Fixer.

I’m on Nginx, so .htaccess doesn’t work.
→ Volixta provides ready-to-copy Nginx configuration snippets.

Privacy

This plugin does not collect, store, or transmit personal data.

Localization

Text domain: volixta-ssl-security-headers
Load path: /languages

What’s Next

If you like this plugin, check out our other tools:

• VOLIXTA Booking – The All-in-One WordPress Booking Plugin
  Manage unlimited staff, services, clients, payments, and locations in one powerful system.

• VOLIXTA Security Suite – Advanced WordPress Security Made Simple