More checks for https?

[webtrainingwheels]

Sometimes a site isn't cached because it's using HTTPS (for example with a plugin) but https has not been set in the WP settings. So we don't detect it and SSL cache isn't applied.

It creates some support tickets, and can be overlooked in debugging on our side.

Is it possible to do more checks and show an admin notice if we suspect https might be used?

• Site may be forcing HTTPS using a plugin but have not updated their URL settings. We could check for some specific plugins like Really Simple SSL for example.
• Check if the admin URL is using HTTPS?
• Possible to check the front end url?

Admin notice would be something along the lines of: "Are you using https on your site? If so, go to WP Rocket settings > Cache and enable SSL Cache"

Even better, if possible, put a check box in the notice to enable it from there.

[arunbasillal]

Kindly re-opening this so that we can improve some aspects of our detection. Thanks to @GeekPress

Since 3.3.4 we auto enable SSL Cache for new WP Rocket installs while preserving the option for old customers.

As expected and as noted in the feature doc, customers without HTTPS will not be able to activate SSL via UI and can use our helper plugin.

Every customer that does not update the home_url in the General setting of WordPress will need to install the helper to switch over.

Since we don't have inline documentation for this, manual intervention is required from the support team. Support requests are rare right now, but given our huge customer base and growing push towards HTTPS by Google, this number could grow in the future. In our quest to eliminate support tickets as much as possible, we can be proactive.

Ideas:

• Detect popular SSL plugins and make necessary changes on their activation.
• When WP Rocket settings are saved, if cache_ssl is 0, use an alternate method to check if the website is SSL.
• Since HTTP is redirected to HTTPS in most situations, checking the response header for a 301 redirect could help. Verifying the final location of course.

Notes from Dev call

• We decided it would best to detect based on URL and not have custom compatibility with various plugins.
• We could do the check on WP Rocket plugin update and when WP Rocket settings are saved.

Notes from Dev call on 15-July-2019

• Check for SSL on every WP Rocket update
• Check on WP Rocket deactivation and reactivation
• Check when WP Rocket settings are saved