[wp-hackers] Best way to avoid mixed http/https content
david at wordshell.net
Fri Feb 28 12:13:08 UTC 2014
I'm aware that there are *lots* of ways to avoid mixed http/https
content warnings, but I'm looking for any insight into the best way of
doing this. The use case is for a site that is intended to be available
over both http and https.
In particular, I'm talking about content inside posts. (Not about the
The WordPress editor always inserts full links for media. i.e. It
includes the uploads URL setting (which can of course be set in
different ways). This is good, because it means that you can move the
site from one place to another, and you just need to search/replace the
URLs. However, that doesn't work well if the site is meant to be
available via both http and https. It'll cause mixed content warnings.
So, you could manually edit the links to remove the protocol. i.e.
change your image links from
//example.com/wp-content/uploads. That's rather cumbersome, though - and
makes the search/replace (slightly) more complex when moving from live
to staging/dev, etc. If you change to relative links,
/wp-content/uploads, then that's also cumbersome, and makes any
search/replace very dangerous.
So, I think the best solution to this is probably a plugin that
dynamically filters the post output, depending on whether is_ssl() is true.
Does this seem right? If so, any suggested plugins?
http://wordpress.org/plugins/wordpress-https/ looks like the "big beast"
in the area, but to my mind a plugin author who can't be bothered to
update his readme.txt beyond " Compatible up to: 3.5.2" isn't committed,
so you're setting yourself up for future trouble by ignoring that red
flag. Presumably this simple use case could be done with just a quick
filter on the content and I should do that. Again, I'm wondering if
anyone has experience/advice on this.
UpdraftPlus - best WordPress backups - http://updraftplus.com
WordShell - WordPress fast from the CLI - http://wordshell.net
More information about the wp-hackers