Applicable to:
- Plesk Onyx for Linux
- Plesk Onyx for Windows
Symptoms
-
WordPress was installed on the domain when the domain had SSL/TLS Support option disabled in Domains > example.com > Hosting Settings
-
Advisor shows that WordPress instance is not secured:
-
WordPress SSL/TLS status does not update accordingly when SSL certificate is installed:
Cause
SSL/TLS flag in current WordPress Toolkit implementation shows only which protocol is used at WordPress instance configuration. If WordPress instance configured to use HTTP (both site URL and home options have values starting with http://
, SSL/TLS flag will be yellow (at 'disabled' state).
Resolution
The following can be done in order to solve it:
Click on a section to expand
-
Log into Plesk.
-
Go to Tools & Settings > Advisor > Security tab > Secure WordPress Websites section and click Secure:
-
Select the WordPress instance and click Switch to HTTPS.
-
Log into Plesk
-
Go to WordPress and log in to the Wordpress Admin page of the instance:
-
Go to the Settings menu, change the WordPress Address and Site Address (URL) to
https://example.com
. and click Save Changes -
Go back to WordPress and click the Refresh button in the upper right corner of the instance field:
Comments
2 comments
The proposed method when not using the advisor does not work when having a multisite installation.
In this case, the database changes as proposed at https://webdevstudios.com/2015/02/11/how-to-set-up-https-on-wordpress/ help to get this done.
I remember, that I had login problems with that multsite installation beforehand, and right now, I was wondering whether the problem actually occured since I first relied on using the Advisor securing method. So maybe someone a Plesk can check: Create a new Wordpress installation (non-TLS), convert it into a multisite installation (with subdirectories for the new sites) and then try to enable TLS. Can it be that in this case the advisor securing method breaks the login?
Hi @b_p,
Thank you for the feedback!
I followed the mentioned steps:
1. Created a new Wordpress installation without SSL/TLS enabled
2. Converted it into a multisite installation with "Sub-domains"
3. Enabled SSL/TLS via "Plesk > Domains > example.com > Advisor > Secure WordPress Websites | Switch to HTTPS"
However, it did not break the logging to the WordPress possibility
Please sign in to leave a comment.