JSM Force HTTP to HTTPS / SSL – No Setup, Fast and Reliable

No setup required - simply activate to force HTTP URLs to HTTPS using native WordPress filters and permanent redirects for best SEO.

v3.5.0JS MorissetUpdated Added 7k+ installs100% rating
83
Score
0
Errors
11
Warnings
+0
Change

Category Scores

Security70
Repo100
Performance100
Maintainability99

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

11 findings

Security

9

3 issue groups

I18n

1

1 issue group

Maintainability

1

1 issue group

WARNINGSecurityRequest data is not unslashed$_SERVER['HTTP_HOST'] not unslashed before sanitization. Use wp_unslash() or similar5
Category
Security
Occurrences
5
Severity
warning

Sample message

$_SERVER['HTTP_HOST'] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_SERVER['HTTP_X_FORWARDED_PROTO']3
Category
Security
Occurrences
3
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_X_FORWARDED_PROTO']

WARNINGI18nDiscouraged text-domain loadingload_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

WARNINGSecuritywp redirect wp redirectwp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.1
Category
Security
Occurrences
1
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WARNINGMaintainabilitymismatched plugin namePlugin name "JSM Force HTTP to HTTPS / SSL - No Setup, Fast and Reliable" is different from the name declared in plugin header "JSM Force HTTP to HTTPS / SSL".1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Plugin name "JSM Force HTTP to HTTPS / SSL - No Setup, Fast and Reliable" is different from the name declared in plugin header "JSM Force HTTP to HTTPS / SSL".

External Connections

Not analyzed yet.

Score History

First score snapshot

v3.5.0

83

Latest

Findings
11
Errors
0
Warnings
11
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

26 nodes

Related Plugins

100
Shortcode Redirect

10k+ active installs

100
Advanced GeoIP Redirect

1k+ active installs

99
Attachment Pages Redirect

20k+ active installs

99