Really Simple SSL on WordPress Plugin
<p>Easily improve site security with WordPress hardening, vulnerability detection and SSL certificate generation.</p>
<h3>Really simple, effective and lightweight WordPress Security</h3>
<p>Really Simple SSL is the most lightweight and easy-to-use security plugin for WordPress. It lays the foundation of your WordPress website’s security by leveraging your SSL certificate, scanning for possible vulnerabilities and implementing essential WordPress hardening features.</p>
<p>We believe that security should have the absolute minimum effect on website performance, user experience and maintainability. Therefore, Really Simple SSL is:</p>
<ul>
<li><strong>Lightweight:</strong> Every security feature is developed with a modular approach and with performance in mind. Disabled features won’t load any redundant code.</li>
<li><strong>Easy-to-use:</strong> 1-minute configuration with short onboarding setup.</li>
</ul>
<h3>Security Features</h3>
<h4>Easy SSL Migration</h4>
<p>Migrates your website to HTTPS and enforces SSL in just one click.</p>
<ul>
<li>301 redirect via PHP or .htaccess</li>
<li>Secure cookies</li>
<li>Let’s Encrypt: Install an SSL Certificate if your hosting provider supports manual installation.</li>
<li>Server Health Check: Your server configuration is every bit as important for your website security.</li>
</ul>
<h4>WordPress Hardening</h4>
<p>Tweak your configuration and keep WordPress fortified and safe by tackling potential weaknesses.</p>
<ul>
<li>Prevent code execution in the uploads folder</li>
<li>Prevent login feedback and disable user enumeration</li>
<li>Disable XML-RPC</li>
<li>Disable directory browsing</li>
<li>Username restrictions (block ‘admin’ and public names)</li>
<li>and much more..</li>
</ul>
<h4>Vulnerability Detection</h4>
<p>Get notified when plugins, themes or WP core contain vulnerabilities and need appropriate action.</p>
<h3>Improve Security with Really Simple SSL Pro</h3>
<p><a href="https://really-simple-ssl.com/" rel="nofollow ugc">Protect your site with all essential security features by upgrading to Really Simple SSL Pro.</a></p>
<h4>Advanced SSL enforcement</h4>
<ul>
<li>Mixed Content Scan & Fixer. Detect files that are requested over HTTP and fix it, both Front- and Back-end.</li>
<li>Enable HTTP Strict Transport Security and configure your site for the HSTS Preload list.</li>
</ul>
<h4>Security Headers</h4>
<p>Security headers protect your site visitors against the risk of clickjacking, cross-site-forgery attacks, stealing login credentials and malware.</p>
<ul>
<li>Independent of your Server Configuration, works on Apache, LiteSpeed, NGINX, etc.</li>
<li>Protect your website visitors with X-XSS Protection, X-Content-Type-Options, X-Frame-Options, a Referrer Policy and CORS headers.</li>
<li>Automatically generate your WordPress-tailored Content Security Policy.</li>
</ul>
<h4>Vulnerability Measures</h4>
<p>When a vulnerability is detected in a plugin, theme or WordPress core you will get notified accordingly. With Vulnerability Measures, you can configure simple but effective measures to make sure that a critical vulnerability won’t remain unattended.</p>
<ul>
<li>Force update: An update process will be tried multiple times until it can be assumed development of a theme or plugin is abandoned. You will be notified during these steps.</li>
<li>Quarantine: When a plugin or theme can’t be updated to solve a vulnerability, Really Simple SSL can quarantine the plugin.</li>
</ul>
<h4>Advanced Site Hardening</h4>
<ul>
<li>Choose a custom login URL</li>
<li>Automated File Permissions check and fixer</li>
<li>Rename and randomize your database prefix</li>
<li>Change the debug.log file location to a non-public folder</li>
<li>Disable application passwords</li>
<li>Control admin creation</li>
<li>Disable HTTP methods, reducing HTTP requests</li>
</ul>
<h4>Login Protection</h4>
<p>Secure your website’s login process and user accounts with powerful security measures.</p>
<ul>
<li>Two-Step verification (Email login)</li>
<li>Enforce strong passwords and frequent password change</li>
<li>Limit Login Attempts</li>
</ul>
<p>With Limit Login Attempts you can configure a threshold to temporarily or permanently block IP addresses or (non-existing) usernames. You can also throw a CAPTCHA after a failed login (hCaptcha or Google reCaptcha)</p>
<h4>Access Control</h4>
<ul>
<li>Restrict access to your site for specific regions.</li>
<li>Add specific IP addresses or IP ranges to the Blocklist or Allowlist.</li>
</ul>
<h3>Useful Links</h3>
<ul>
<li><a href="https://really-simple-ssl.com/knowledge-base-overview/" rel="nofollow ugc">Documentation</a></li>
<li><a href="https://really-simple-ssl.com/definitions/" rel="nofollow ugc">Security Definitions</a></li>
<li><a href="https://translate.wordpress.org/projects/wp-plugins/really-simple-ssl" rel="nofollow ugc">Translate Really Simple SSL</a></li>
<li><a href="https://github.com/Really-Simple-Plugins/really-simple-ssl/issues" rel="nofollow ugc">Issues & pull requests</a></li>
<li><a href="https://really-simple-ssl.com/feature-requests/" rel="nofollow ugc">Feature requests</a></li>
</ul>
<h3>Love Really Simple SSL?</h3>
<p>If you want to support the continuing development of this plugin, please consider buying <a href="https://www.really-simple-ssl.com/pro/" rel="nofollow ugc">Really Simple SSL Pro</a>, which includes some excellent security features and premium support.</p>
<h3>About Really Simple Plugins</h3>
<p>Our mission is to make complex WordPress requirements really easy. Really Simple SSL is developed by <a href="https://www.really-simple-plugins.com" rel="nofollow ugc">Really Simple Plugins</a>.</p>
<p>For generating SSL certificates, Really Simple SSL uses the <a href="https://github.com/fbett/le-acme2-php/" rel="nofollow ugc">le acme2 PHP</a> Let’s Encrypt client library, thanks to ‘fbett’ for providing it. Vulnerability Detection uses WP Vulnerability, an open-source initiative by Javier Casares. Want to join as a collaborator? We’re on <a href="https://github.com/really-simple-plugins/really-simple-ssl" rel="nofollow ugc">GitHub</a> as well!</p>
Release History
Subscribe above to receive notifications when new versions are released.
Version | Date | Stability |
---|---|---|
8.1.3 | Stable | |
8.1.2 | Stable | |
8.1.1 | Stable | |
8.1.0 | Stable | |
8.0.0 | Stable | |
7.2.3 | Stable | |
7.2.2 | Stable | |
7.2.1 | Stable | |
7.2.0 | Stable | |
7.1.3 | Stable | |
7.1.2 | Stable | |
7.1.1 | Stable | |
7.1.0 | Stable | |
7.0.9 | Stable | |
7.0.8 | Stable | |
7.0.7 | Stable | |
7.0.6 | Stable | |
7.0.5 | Stable | |
7.0.4 | Stable | |
7.0.3 | Stable | |
7.0.2 | Stable | |
7.0.1 | Stable | |
7.0.0 | Stable | |
6.2.5 | Stable | |
6.2.4 | Stable | |
6.2.3 | Stable | |
6.2.2 | Stable | |
6.2.1 | Stable | |
6.2.0 | Stable | |
6.1.1 | Stable | |
6.1.0 | Stable | |
6.0.14 | Stable | |
6.0.13 | Stable | |
6.0.12 | Stable | |
6.0.11 | Stable | |
6.0.10 | Stable | |
6.0.9 | Stable | |
6.0.8 | Stable | |
6.0.7 | Stable | |
6.0.6 | Stable | |
6.0.5 | Stable | |
6.0.4 | Stable | |
6.0.3 | Stable | |
6.0.2 | Stable | |
6.0.1 | Stable | |
6.0.0 | Stable | |
5.3.5 | Stable | |
5.3.4 | Stable | |
5.3.3 | Stable | |
5.3.2 | Stable |