This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Join our FREE webinar: Discover how Immunify360's advanced malware scanning secures your site. REGISTER NOW→

Really Simple SSL Review: A Free Plugin for Activating SSL on WordPress

Updated on March 25, 2021

5 Min Read
really simple ssl

Almost everyone is familiar with the green padlock icon next to the website URL in the browser. But have you wondered why it’s even there, or if it’s even necessary for your website?

The padlock next to a URL indicates that the website you are visiting has enabled the SSL protocol (Secure Sockets Layer) to secure communication between the client and server. You can also confirm that a website uses SSL if its URL starts with HTTPS instead of HTTP.

Why Do You Need SSL on My Website?

An SSL certificate ensures that all data submitted through your website is encrypted and the data is securely transported from client to server. Without an SSL, your visitors are at risk of having their sensitive data stolen.

Even if your site does not collect sensitive information from visitors, there are still many reasons to get your website on SSL. Without using any form of encryption, your website’s security is also at risk from several types of attacks. Furthermore, multiple search engines have stated that a website secured with SSL will have an advantage over unsecured websites.

Why Should You Use Really Simple SSL?

Really Simple SSL activates SSL on your WordPress without the need for coding skills. The plugin automatically detects your settings and configures your website to operate on HTTPS. Since Cloudways provides a free SSL certificate with all hosting packages, it can be easily activated and configured with Really Simple SSL.

Really Simple SSL is the most popular SSL plugin for WordPress, with over 5 million active installations. The plugin is lightweight and incredibly easy, as it allows you to enable SSL with just a single click.

Found the Right SSL Plugin? Your Site Needs More.

Download our FREE ebook to unlock 45+ essential WordPress plugins for your site’s overall performance & security optimization.

Thank You

Your list is on it’s Way to Your Inbox.

Automatically Fix SSL Issues

Really Simple SSL also automatically fixes most issues that WordPress has with SSL. No headers being passed to WordPress (which it uses to detect SSL), load balancers, reverse proxies, etc.

really simple ssl fix issues

Redirect Requests to HTTPS

When SSL is activated, anyone who attempts to visit the HTTP URL should be redirected to HTTPS. The PHP redirect (301 Redirect) is enabled by default. However, you can use a .htaccess redirect as well. The .htaccess redirect is faster and more reliable, making it the recommended option for sites running on Apache webservers.

Replace Content from HTTP to HTTPS

Really Simple SSL scans for insecure and mixed content on your website and dynamically fixes this by replacing the HTTP URLs with HTTPS, except for hyperlinks to other domains.

Change siteURL and homeURL to HTTPS

Automatically change your siteURL and homeURL to HTTPS and, if applicable, make the necessary changes to the “wp-config.php“ file.

Migration in WordPress 5.7

From WordPress 5.7, it became possible to migrate your website to HTTPS with a button that updates the site. Really Simple SSL goes beyond this functionality by dynamically fixing mixed content and safeguarding that the migration has been completed successfully.

Really Simple SSL Pro

It is recommended to use security headers on your website, and Really Simple SSL Pro can automatically implement these for you. Security headers apply extra security rules to your site, adding an additional layer of security. Moreover, the Pro version supports HttpOnly and secure flags to make cookies secure/encrypted.

really simple ssl security headers

Submit Your Site to the HSTS Preload List

HTTP Strict Transport Security (HSTS) is designed for situations where another site pretends to be your site. Imagine a user visiting your site from a public network, but a hacker redirects the user to a fake version of your site. This phony domain is not on SSL and contains a virus.

If you enable HSTS on your site and the user visited your site before, their browser remembers using SSL for that site. The fake site does not have an SSL certificate and becomes unreachable as a result.

It could be that the user never visited your site before, making it possible to request the HTTP version, so to prevent this from happening, a preload list was created that gets preloaded in supported browsers. If the user opens your site in the browser, it will know to request it over SSL.

Elaborate Mixed Content Scan

Certain types of mixed content cannot be dynamically fixed. Really Simple SSL Pro includes an extensive scan to detect and highlight mixed content sources, with a ‘fix’ button that automatically fixes these issues. The types of mixed content that can be fixed automatically with the Pro plugin are listed below.

HTTP Links in Stylesheets or JavaScript Files

HTTP links in your site to JavaScript files or stylesheets on other domains included JS or CSS files on other domains and this domain does not have an SSL certificate HTTP links in CSS or JS files on other domains hot-linked images.

really simple ssl mixed content scan

Final Thoughts!

Really Simple SSL receives regular updates that include new features and other improvements. As a Top 10 plugin on the WordPress repository, the plugin has proven to be a must-use for every WordPress website. You can upgrade to the Pro version for just $29. Considering the automatic scan & fix functionality for insecure content, plus the number of additional security features in the Pro version, it’s worth the upgrade.

The plugin’s team is always willing to help out whether you use the Free or Paid version. Their support team is very responsive and goes the extra mile to help customers with any issues they might encounter.

Note: This article was published in collaboration with Really Simple SSL.

Frequently Asked Questions

Q. Can I delete Really Simple SSL?

Yes, you can safely delete the Really Simple SSL plugin. However, deactivating it will disable SSL, reverting to insecure HTTP. If switching, configure the new SSL solution to maintain security.

Q. How much is Really Simple SSL plugin?

Really Simple SSL has a free version on WordPress.org. For advanced features and support, the Pro version is priced at $49 (Personal), $99 (Professional), and $199 (Agency).

Q. How to generate an SSL certificate with Really Simple SSL?

Really Simple SSL doesn’t generate SSL certificates. Obtain one from a Certificate Authority (e.g., Let’s Encrypt), then let the plugin automate the setup after installation and activation.

Q. Should I use the Really Simple SSL plugin?

Yes, you can use the Really Simple SSL plugin if you want to enable SSL on your WordPress site with automatic redirects and minimal configuration. However, before picking up the plugin, consider compatibility and dependency on the plugin’s continued maintenance and updates.

Q. What is a Simple SSL certificate?

A Simple SSL certificate (SSL/TLS) encrypts data between a user’s browser and the website server, securing sensitive information. Really Simple SSL simplifies SSL certificate implementation on WordPress for a seamless transition to HTTPS.

Share your opinion in the comment section. COMMENT NOW

Share This Article

Mansoor Ahmed Khan

Been in content marketing since 2014, and I still get a kick out of creating stories that resonate with the target audience and drive results. At Cloudways by DigitalOcean (a leading cloud hosting company, btw!), I lead a dream team of content creators. Together, we brainstorm, write, and churn out awesome content across all the channels: blogs, social media, emails, you name it! You can reach out to me at [email protected].

×

Get Our Newsletter
Be the first to get the latest updates and tutorials.

Thankyou for Subscribing Us!

×

Webinar: How to Get 100% Scores on Core Web Vitals

Join Joe Williams & Aleksandar Savkovic on 29th of March, 2021.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Want to Experience the Cloudways Platform in Its Full Glory?

Take a FREE guided tour of Cloudways and see for yourself how easily you can manage your server & apps on the leading cloud-hosting platform.

Start my tour

CYBER WEEK SAVINGS

  • 0

    Days

  • 0

    Hours

  • 0

    Mints

  • 0

    Sec

GET OFFER

For 4 Months &
40 Free Migrations

For 4 Months &
40 Free Migrations

Upgrade Now