cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
Getting Started

REALLY SIMPLE SSL SETTINGS and MANAGED WORDPRESS

Unfortunately, the SSL department at Godaddy does not speak with the Managed Wordpress team.  There is ZERO interdepartmental communication.  

 

Godaddy reps recommend using a plugin called Really Simple SSL. 

 

I have purchased the paid version of this plugin, and the plugin author says that the settings will vary based on the server environment.  He also mentioned that he himself has tried to reach the Godaddy Managed Wordpress Team about this issue, and they are non-responsive.

 

Really Simple SSL Wordpress Plugin requires knowledge of Managed Wordpress Server environment.  Unfortunately Godaddy has untrained Reps answering the phone, and they have no idea how to advise customers. 

 

Does anyone on this forum have knowledge of the plugin settings of Really Simple SSL, as they relate to Managed Wordpress server environment?  

 

Further complicating matters is the use of a UCC SSL, which I have purchased after a Godaddy sales said that it cover the non www version of the domain, by installing a redirect, but I did not find that statement to be true.  Turns out to be a bait and switch sales tactic by Godaddy.  They have sales reps telling people that you can do this, but you cannot.  You will still have to use two of the SANS to cover both the non www and the www versions of your domain.

 

SO, in your reply, please assume that I have both the non www and www versions of the domain covered the UCC SSL installed.   If these plugin settings vary based on the "type" of SSL, i.e. standard SSL versus SSL, that is another issue needing clarification.

 

Really Simple SSL plugin settings require  knowledge of the Managed Wordpress Environment, i.e. server defaults, etc.   (Cpanel is a different configuration.)

 

It would also be helpful if you share  a default htaccess file with correct configuration, which is standard for a vanilla wordpress installation on Managed Wordpress.  The htaccess file should redirect non www  to www.

 

 

Does anyone on this forum have knowledge of the plugin settings of Really Simple SSL, as they relate to Managed Wordpress server environment?  

 

 

1 ACCEPTED SOLUTION
Community Manager

Hi @sepro. Sorry you've had such difficulty with this. I can confirm that our Managed WordPress plans should not need a plugin if you are installing a certificate provided by GoDaddy. The redirect to HTTPS should work for your primary domain automatically. However, there can be settings within your content that are not affected by the redirect. Most often I've seen this issue with themes that have settings for images that use HTTP instead of HTTPS when they encode links. In these situations, using a plugin to update your site content is sometimes helpful, but you shouldn't need anything to manage the redirect of the domain itself. 

 

Also, you should not need a UCC SSL Certificate to cover both www and non www domains. All of our certificates (Standard included) cover the naked domain as well as it's www hostname by default. If you were sold the UCC by a support agent, you should be able to get a refund for it (provided you don't need it for another reason) if you have a supervisor review the situation. 

 

As it is right now, I do not have an issue opening https://hstspreload.org on Chrome. Hope this information helps. 

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.

View solution in original post

4 REPLIES 4
Getting Started

 

I need a Godaddy rep to go through these settings, which 1000's of customers are struggling to answer, and put the definitive answers once and for all so that everyone can reference them:

 

REALLY SIMPLE SSL SETTINGS FOR MANAGED WORDPRESS HOSTING ACCOUNTS:


Settings to optimize your SSL configuration

<ENTER ANSWER HERE>

Auto replace mixed content

<ENTER ANSWER HERE>
Enable WordPress 301 redirection to SSL

<ENTER ANSWER HERE>
Enable 301 .htaccess redirect -  Before you enable this, make sure you know how to regain access to your site in case of a redirect loop.

<ENTER ANSWER HERE>
Enable Javascript redirection to SSL

<ENTER ANSWER HERE>
Debug

<ENTER ANSWER HERE>
Stop editing the .htaccess file

<ENTER ANSWER HERE>
Switch mixed content fixer hook

<ENTER ANSWER HERE>
Deactivate plugin and keep SSL

<ENTER ANSWER HERE>
Turn HTTP Strict Transport Security on

<ENTER ANSWER HERE>
Receive an email when your certificate is about to expire

<ENTER ANSWER HERE>
Add header to force insecure requests over https

<ENTER ANSWER HERE>
Enable the mixed content fixer on the WordPress back-end

<ENTER ANSWER HERE>

 

Unfortunately, the SSL department at Godaddy does not speak with the Managed Wordpress team.  There is ZERO interdepartmental communication.  

 

 

Does anyone on this forum have knowledge of the plugin settings of Really Simple SSL, as they relate to Managed Wordpress server environment?  

 

 

Getting Started

This is another issue, why do Godaddy Managed Wordpress Sites have trouble passing the Google Chrome pre-loader https://hstspreload.org

Community Manager

Hi @sepro. Sorry you've had such difficulty with this. I can confirm that our Managed WordPress plans should not need a plugin if you are installing a certificate provided by GoDaddy. The redirect to HTTPS should work for your primary domain automatically. However, there can be settings within your content that are not affected by the redirect. Most often I've seen this issue with themes that have settings for images that use HTTP instead of HTTPS when they encode links. In these situations, using a plugin to update your site content is sometimes helpful, but you shouldn't need anything to manage the redirect of the domain itself. 

 

Also, you should not need a UCC SSL Certificate to cover both www and non www domains. All of our certificates (Standard included) cover the naked domain as well as it's www hostname by default. If you were sold the UCC by a support agent, you should be able to get a refund for it (provided you don't need it for another reason) if you have a supervisor review the situation. 

 

As it is right now, I do not have an issue opening https://hstspreload.org on Chrome. Hope this information helps. 

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.

View solution in original post

Getting Started

@JesseW,  thank you for your reply.  I need specific answers, addressed above.

Also, regarding HSTS, what is Godaddy Managed Wordpress Server sending to HSTS ? Do they send headers by default or not?