Hi,
I’ve just installed an SSL on my client’s site and we are using your Theme. I’ve read in here that you recommend that the following plugin is used to ensure mixed content does not break SSL:
https://wordpress.org/plugins/wordpress-https/
Despite the fact this seems to work, I’m very surprised that you recommend a plugin that was last updated more than 3 years ago. I really don’t think that’s good business practice.
The two main files that are considered insecure are the two images outlined in the attached image – the website background image and the page title bar image. In many other themes I use, when images are uploaded for these, there is a box next/below the image that shows the path of the image, and instead of the path being the full path such as:
http://www.domain.com/wp-content/themes/neighbourhood/images/preset-backgrounds/grilled.png
it’s a relative path such as:
/wp-content/themes/neighbourhood/images/preset-backgrounds/grilled.png
This way it does not break SSL.
This is an easy fix and saves people having to install another plugin – one that is out of date by 3 years.
May I ask why you force people to take these steps, rather than allow the system to use relative URLs?
Attachments:
You must be
logged in to view attached files.