Fixing insecure content issues caused other issues to the plugins

Everything was working great. I received a notice that Google was using HTTPS in rank and purchased an SSL upgrade from Fatcow (my host). I was receiving errors that the page was not secure, because Wordpress was loading unsecured items on the page. I downloaded the Really Simple SSL plugin to fix the problem. In the process, I've noticed now that DEFENDER is now showing "prevent PHP execution" even though it writes to the .htaccess. And, HUMMINGBIRD started showing GZIP was not enabled. I contacted Fatcow and they said that it's enabled. Now Hummingbird is showing gzip active for HTML but not javascript or css.

  • Brandon Jones

    To better clarify, I purchased an SSL upgrade through my shared hosting provider (Fatcow) in hopes of improving my pagerank, while also enjoying the benefits SSL/HTTPS affords. Changing the address in my Wordpress settings from http to https weren't enough to force all resources to load via https. I was receiving a red warning that the site was not secured.

    I reached out to Fatcow (host) and they informed me that I needed to install Really Simple SSL to fix the issue. Installation of the plugin did correct the error and turn the red warning to a green pad lock. A few hours later, I saw the +1 notification on the Defender tab and reviewed to discover that the "Prevent PHP Execution" needed actions. I clicked the "fix" button and everything fixed successfully, however the warning returned. I uninstalled the plugin and reinstalled it. No change.

    My Hub notified me several times yesterday that the website was down. Today, I noticed that Hummingbird was giving me a warning about GZIP. The setting apparently somehow became disabled because Fatcow offered to enabled it for me. That resulted in HTML being compressed but not javascript and CSS. I opened a trouble ticket with Fatcow and as of right now, it appears the issue has been corrected as all three (html, javascript and css) are passing successfully.

    There were two support tickets open here at WPMU DEV concerning this issue (one here and one for HB). I have closed the HB ticket, as it appears that issue has been resolved. The only outstanding issue relates to the Prevent PHP Execution for Defender.

    Thank you!

  • Predrag Dubajic

    Hey Brandon,

    Hope you're doing well :slight_smile:

    I had a look at your site and even thought the rule was working properly, and prevented PHP execution the "visual" issue of ongoing issue was still there.
    So I had to call in the big guns and devs had a closer look at it.

    It seems like SSL caused cURL error when this rules was checked so even though it was in place it couldn't restore the proper status to Defender.
    We have applied a fix on your site to go around this error and the devs will include it next plugin release as well so you shouldn't be having this issue anymore.

    Best regards,
    Predrag

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.