PHPackages littlebizzy/force-https - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. littlebizzy/force-https ActiveWordpress-plugin[Security](/categories/security) littlebizzy/force-https ======================= Redirects all HTTP requests to the HTTPS version and fixes insecure links and resources without altering the database (also works with CloudFlare). v1.4.3(4y ago)26149[5 issues](https://github.com/littlebizzy/force-https/issues)[2 PRs](https://github.com/littlebizzy/force-https/pulls)GPL-2.0-or-laterPHPPHP >=7.0 Since Mar 19Pushed 1y ago3 watchersCompare [ Source](https://github.com/littlebizzy/force-https)[ Packagist](https://packagist.org/packages/littlebizzy/force-https)[ Docs](https://www.littlebizzy.com/plugins/force-https)[ RSS](/packages/littlebizzy-force-https/feed)WikiDiscussions master Synced 3d ago READMEChangelog (9)Dependencies (1)Versions (25)Used By (0) Force HTTPS =========== [](#force-https) HTTPS enforcement for WordPress Changelog --------- [](#changelog) 3.0.1 ----- [](#301) - improved WP-CLI and WP-Cron compatibility with home/siteurl filtering logic 3.0.0 ----- [](#300) - added `Tested up to` header - added `Update URI` header - added `Text Domain` header - improved HTTPS redirection that skips WP-CLI, WP-Cron, and AJAX - now leveraging `pre_option_home` and `pre_option_siteurl` to override WordPress sequence early - several more `add_filter` being enforced - refined regex in `the_content` to correctly process `` and `` blocks - refinded and expanded regex for HTML elements - support for several WooCommerce `add_filter` if detected - significant code structure, syntax, and efficiency improvements ### 2.0.3 [](#203) - added `Requires PHP` plugin header ### 2.0.2 [](#202) - improved `gu_override_dot_org` snippet ### 2.0.1 [](#201) - fixed `gu_override_dot_org` snippet ### 2.0.0 [](#200) - completely refactored code to WordPress standards - no more defined constants or options (hardcoded to enforce HTTPS on all internal/external links and resources) - much more extensive `add_filter` rules and HTML enforcement of HTTPS - supports PHP 7.0 to 8.3 - supports Multisite ### 1.4.3 [](#143) - fixed undefined variable error (new default $modified = false) ### 1.4.2 [](#142) - improved composer.json - updated metadata ### 1.4.1 [](#141) - tested with WP 5.1 - updated metadata - tweaked `composer.json` ### 1.4.0 [](#140) - PBP v1.2.0 - removed `FORCE_SSL` constant references - added support to force HTTPS on `source` elements (previously unsupported) ... this fixes GitHub Issue #7 - late support for new FORCE\_HTTPS defined constant - define('FORCE\_HTTPS', true); - define('FORCE\_HTTPS\_EXTERNAL\_LINKS', false); - define('FORCE\_HTTPS\_EXTERNAL\_RESOURCES', true); - define('FORCE\_HTTPS\_INTERNAL\_LINKS', true); - define('FORCE\_HTTPS\_INTERNAL\_RESOURCES', true); ### 1.3.0 [](#130) - PBP v1.1.0 - tested with PHP 7.0, 7.1, 7.2 - tested with PHP 5.6 (no fatal errors only, tweaked code style and several corrections) - better support for WP-CLI (fixes GitHub Issue #6/#2) - simplified plugin class organization - late support for FORCE\_SSL constant aborting the plugin functionality in the last minute if false ### 1.2.0 [](#120) - tested with WP 5.0 ### 1.1.4 [](#114) - updated metadata ### 1.1.3 [](#113) - updated recommended plugins ### 1.1.2 [](#112) - updated metadata ### 1.1.1 [](#111) - updated metadata - updated recommended plugins ### 1.1.0 [](#110) - versioning correction (major changes in 1.0.6) - (no code changes) ### 1.0.6 [](#106) - changed filters to force HTTPS for external resources (but not hyperlinks) including `src`, `srcset`, `embed`, and `object` - (if an external resource does not exist in HTTPS version, it may generate a 404 error) - (philosophy = "green padlock" more important than a resource 404 error) - added warning for Multisite installations - updated recommended plugins - updated metadata ### 1.0.5 [](#105) - better support for `DISABLE_NAG_NOTICES` ### 1.0.4 [](#104) - partial support for `DISABLE_NAG_NOTICES` - updated metadata ### 1.0.3 [](#103) - tested with WP 4.9 - updated recommended plugins - updated metadata ### 1.0.2 [](#102) - filter to "skip" external hyperlinks - better HTTPS filters for internal links, internal sources, and image `srcset` - optimized plugin code - added rating request notice - updated recommended plugins ### 1.0.1 [](#101) - added recommended plugins notice ### 1.0.0 [](#100) - initial release ### Health Score 36 — LowBetter than 82% of packages Maintenance32 Infrequent updates — may be unmaintained Popularity18 Limited adoption so far Community18 Small or concentrated contributor base Maturity65 Established project with proven stability Bus Factor1 Top contributor holds 81.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~43 days Recently: every ~261 days Total 25 Last Release 1570d ago PHP version history (3 changes)1.0.0.x-devPHP ^7.2 v1.4.1PHP ^5.6 v1.4.2PHP >=7.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/10787477?v=4)[LittleBizzy](/maintainers/littlebizzy)[@littlebizzy](https://github.com/littlebizzy) ![](https://www.gravatar.com/avatar/ded63205441bcc85e2162d165a799b4134e369416edb3acd944a9d1549e1d3a1?d=identicon)[jessuppi](/maintainers/jessuppi) --- Top Contributors [![jessuppi](https://avatars.githubusercontent.com/u/17551083?v=4)](https://github.com/jessuppi "jessuppi (257 commits)")[![pauiglesias](https://avatars.githubusercontent.com/u/1170266?v=4)](https://github.com/pauiglesias "pauiglesias (55 commits)")[![backamblock](https://avatars.githubusercontent.com/u/20801141?v=4)](https://github.com/backamblock "backamblock (1 commits)")[![danlapteacru](https://avatars.githubusercontent.com/u/6186169?v=4)](https://github.com/danlapteacru "danlapteacru (1 commits)") --- Tags wordpresswordpress-pluginhttpspluginwordpresssecuritycontentsslseoresourcesforcefixmixedinsecure ### Embed Badge ![Health badge](/badges/littlebizzy-force-https/health.svg) ``` [![Health](https://phpackages.com/badges/littlebizzy-force-https/health.svg)](https://phpackages.com/packages/littlebizzy-force-https) ``` ### Alternatives [sybrew/the-seo-framework An automated, advanced, accessible, unbranded and extremely fast SEO solution for any WordPress website. 47078.8k](/packages/sybrew-the-seo-framework)[spatie/ssl-certificate-chain-resolver SSL certificate chain resolver 3069.6k](/packages/spatie-ssl-certificate-chain-resolver)[wp-privacy/wp-api-privacy Strips potentially identifying information from outbound requests to the WordPress.org API 1632.0k](/packages/wp-privacy-wp-api-privacy) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)