Really Simple SSL Pro is one of the most popular SSL security plugins on the WordPress platform, designed to simplify the HTTPS configuration process. This premium plugin can automatically detect your server environment and intelligently configure all necessary SSL settings, allowing your website to easily implement full HTTPS encryption.
As a lightweight plugin, Really Simple SSL Pro will not slow down your website. It automatically handles mixed content issues, fixes insecure HTTP links, and ensures that your website fully complies with modern browser security standards. The plugin also offers advanced features such as HTTP Strict Transport Security (HSTS) configuration, secure cookie settings, etc., to enhance website security comprehensively.
Really Simple SSL Pro is especially suitable for e-commerce websites, membership sites, and any sites that need to handle sensitive data. It works perfectly with free SSL certificates like Let’s Encrypt and is also compatible with various paid SSL certificates. The plugin interface is clean and intuitive, making it easy for non-technical users to get started.
The latest version fixes multiple known issues and optimizes performance to ensure full compatibility with the latest version of WordPress. We provide long-term uninterrupted update services to ensure you are always using the safest and most stable version.
With Really Simple SSL Pro, you can: enable full-site HTTPS with one click, automatically fix mixed content issues, configure advanced security headers, monitor SSL certificate status, etc. These features will significantly enhance your website’s SEO performance and user trust, especially considering Google uses HTTPS as a ranking factor.
🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹 Version Update Log 🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹🔹
The update log for Really Simple SSL Pro plugin is as follows:
= 9.3.1 =
* Fix: An error may occur during logout in certain cases when enabling custom login URLs.= 9.3.0 =
* Added: Manually create CSP entries.
* Performance: Generate backup codes only when configuring TOTP.
* Improvement: Prevent features requiring email from being used when email is unverified.
* Improvement: Added better text to verify the action of resending 2FA emails.
* Improvement: Remove email tokens after successful login.
* Improvement: Updated LLA database structure to be compatible with MySQL 5.7.
* Fix: Improved user role handling to prevent undefined array keys in 2FA.
* Fix: All instructional links are now correct.
* Fix: Undefined array key “m” when displaying vulnerability details.
* Fix: Prevent errors when downgrading to the free version.
* Fix: Resolved compatibility issues between 2FA and JetPack's “Log in with WordPress.com account” setting.= 9.2.0 =
* Improvement: Limited the number of header test requests in CSP learning mode.
* Improvement: Prevented 404 blocker activation if a 404 error is detected on the homepage to avoid unnecessary locking.
* Improvement: Two-factor authentication now supports custom login interface.
* Improvement: Updated endpoint version.
* Improvement: Disabling file permission checks will correctly reset the file permission list.
* Fix: Header settings lost in some cases after temporarily deactivating the plugin.
* Fix: In some cases, unable to correctly close review notifications.
* Fix: Added nonce check for the certificate recheck button.
* Added: File change detection. This feature will track suspicious file changes beyond regular updates.= 9.1.4 =
* Improvement: Do not track 404 errors for logged-in users.
* Improvement: Implemented rsssl_wpconfig_path filter in all wp-config functions.
* Improvement: When blocking IPs in the admin panel, usernames will not be blocked after login.
* Improvement: Complete onboarding faster after clicking the finish button.
* Improvement: CSS. The data table shield in the user interface is no longer truncated.
* Fix: 404 blocker now immediately writes rules to the advanced-headers.php file.
* Fix: Fixed dropdown height for custom login URL 404 page selector.
* Fix: LLA username blocking not expired.
* Fix: Notifications no longer displayed when firewall is enabled.
* Fix: Reset 2FA attempt counter and notifications after successful login.
* Fix: 2FA cleanup causing login failures.
* Fix: Batching when creating initial database entries for “Force frequent password changes” to prevent memory issues on sites with a large number of users.= 9.1.3 =
* Improvement: Width vulnerability -> Configuration.
* Improvement: 2FA lockout notifications.
* Improvement: Captured short initialization in advanced-headers file.
* Improvement: String enhancements and translation comments.
* Improvement: Bitnami support for rsssl_find_wordpress_base_path().
* Improvement: Integrated site health notifications with Solid Security.
* Improvement: Enhanced random password generation in the 'Rename Admin User' feature.
* Improvement: wpconfig_path() function always returns a string.
* Improvement: Removed user configuration options when editing a user.
* Fix: Removed duplicate site URL.
* Fix: Ensured rsssl_sanitize_uri_value() function always returns a string to prevent errors.
* Fix: Multi-site users with enabled roles cannot use 2FA if other roles are enforced.
* Fix: After selecting email method as an option, the 'Skip Setup' button renders an undefined page.= 9.1.2 =
* Improvement: Enhanced error handling.= 9.1.1.1 =
* November 5, 2024
* Fix: Fixed a bug where the 2FA grace period remained active after reset.= 9.1.1 =
* October 30, 2024
* Improvement: Setting rsssl-safe-mode.lock file now also enables safe mode and disables firewall, 2FA, and LLA for debugging.
* Improvement: Updated system status.
* Improvement: Text changes.
* Improvement: Updated documentation URL.
* Improvement: Changed site health notification from critical to recommended.
* Improvement: Removed outdated React library.
* Improvement: Added site URL in email warnings regarding suspicious admin account creation.
* Improvement: Provided more feedback if the 2FA grace period has expired.
* Improvement: Users enforced to use 2FA will receive email reminders three days before the grace period expires.
* Fix: Email login button not working.
* Fix: Setup and login buttons did not save the correct configuration.= 9.1.0 =
*New: User agent blocking.
*Improvement: Added captcha URL to the default content security policy rules.
*Improvement: Automatically remove free plugins and translation files when Pro is activated.
*Improvement: Adjust logo size in 2FA emails.
*Improvement: Allow scanning security headers at http://scan.really-simple-ssl.com with just one click.
*Improvement: Exclude the MPDF library from permissions detection in Compliance.
*Improvement: Remove unnecessary rsssl_update_option calls.
*Fix: Prevent potential errors in login feedback.
*Fix: Catch type error when $transmits is not an array.
*Fix: Compatibility of custom login URL with password-protected pages.
*Fix: Prevent potential errors when adding IP addresses to the firewall allocation list.= 9.0.2 =
*Fix: Issue with deactivating 2fa.= 9.0.1 =
*September 16, 2024
*Fix: Prevent duplicate database queries on the firewall settings page.
*Fix: Instruction URL in firewall settings.
*Fix: Prevent bypass of custom login URL on Multisite.
*Fix: Capture the case where entries in MaxMind DB return null.
*Fix: Fixed incorrect instruction URL.
*Fix: Cancel notifications when viewing the dashboard.
*Improvement: Due to X-Frame-Options being deprecated and replaced by frame ancestors, we recommend removing the header.= 9.0.0 =
*September 6, 2024
*Security: Bypass of multisite login URLs.
*Security: 2fa bypass fix, props Julio Potier@SecuPress.
*Fix: Let's Encrypt returning old certificates on auto-renewed certificates.
*Fix: Limit on multiple selections in login attempts.
*Improvement: Better user experience synchronization between CSP and frame ancestors.
*Improvement: Save and continue in vulnerability overview, but not functioning properly.= 8.3.0.1 =
*Fix: Issue with decrypting models.= 8.3.0 =
*August 12, 2024
*Feature: Password security scan. This feature scans for users' weak passwords and allows you to enforce the use of non-leaked passwords.
*Fix: Fixed some untranslated strings. This issue has been resolved.
*Fix: The advanced support link was not working. It now links to the correct page.
*Improvement: Disable cron jobs when deactivated.
*Fix: Links in emails were sometimes incorrect. This issue has been resolved.
*Fix: Critical error during permission detection. This issue has been resolved.
*Improvement: Custom headers for license checks to better accommodate certain hosting environments.
*Improvement: Added an option to disable the X-powered-by header.
*Improvement: New improved encryption methods for certain settings.
