Articles in this section

See more

Wordpress SSL/TLS status does not update accordingly when SSL certificate is installed

Avatar
Marc López
Updated
Follow

Applicable to:

  • Plesk Onyx for Linux
  • Plesk Onyx for Windows

Symptoms

  • WordPress was installed on the domain when the domain had SSL/TLS Support option disabled in Domains > example.com > Hosting Settings

  • Advisor shows that WordPress instance is not secured:

    3_-_Copy.png

  • WordPress SSL/TLS status does not update accordingly when SSL certificate is installed:

    ssl-disabled.png

Cause

SSL/TLS flag in current WordPress Toolkit implementation shows only which protocol is used at WordPress instance configuration. If WordPress instance configured to use HTTP (both site URL and home options have values starting with http://, SSL/TLS flag will be yellow (at 'disabled' state).

Resolution

The following can be done in order to solve it:

Click on a section to expand

If Advisor extension is installed

  1. Log into Plesk.

  2. Go to Tools & Settings > Advisor > Security tab > Secure WordPress Websites section and click Secure:

    ssl-secure.png

  3. Select the WordPress instance and click Switch to HTTPS.

If Advisor extension is not installed

  1. Log into Plesk

  2. Go to WordPress and log in to the Wordpress Admin page of the instance:

    wp-login.png

  3. Go to the Settings menu, change the WordPress Address and Site Address (URL) to https://example.com. and click Save Changes

    wp-settings.png

  4. Go back to WordPress and click the Refresh button in the upper right corner of the instance field:

    wp-refresh.png

Comments

2 comments

Sort by Date Votes
  • Avatar
    b_p

    The proposed method when not using the advisor does not work when having a multisite installation.

    In this case, the database changes as proposed at https://webdevstudios.com/2015/02/11/how-to-set-up-https-on-wordpress/ help to get this done.

    I remember, that I had login problems with that multsite installation beforehand, and right now, I was wondering whether the problem actually occured since I first relied on using the Advisor securing method. So maybe someone a Plesk can check: Create a new Wordpress installation (non-TLS), convert it into a multisite installation (with subdirectories for the new sites) and then try to enable TLS. Can it be that in this case the advisor securing method breaks the login?

    0
    Comment actions Permalink
  • Avatar
    Nikita Nikushkin

    Hi @b_p,

    Thank you for the feedback!

    I followed the mentioned steps:

    1. Created a new Wordpress installation without SSL/TLS enabled
    2. Converted it into a multisite installation with "Sub-domains"
    3. Enabled SSL/TLS via "Plesk > Domains > example.com > Advisor > Secure WordPress Websites | Switch to HTTPS"

    However, it did not break the logging to the WordPress possibility

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles