wordpress ssl_如何修复WordPress中的常见SSL问题（入门指南）

wordpress ssl

Moving a WordPress site to SSL can sometime result in unexpected issues. If you’re adding SSL to an existing WordPress site and are running into errors, then you’re in luck. In this guide, we will cover how to fix the most common issues with SSL / HTTPs in WordPress.

将WordPress网站移至SSL有时会导致意外问题。 如果您要向现有的WordPress网站添加SSL并遇到错误，那么您很幸运。 在本指南中，我们将介绍如何解决WordPress中SSL / HTTPs最常见的问题。

什么是SSL / HTTPS？为什么要立即开始使用它？ (What is SSL / HTTPS and Why You Should Start Using it Right Away?)

SSL / HTTPS is an encryption method that secures the connection between users’ browser and your WordPress hosting server. This makes it harder for hackers to eavesdrop on the connection.

SSL / HTTPS是一种加密方法，可确保用户浏览器与WordPress托管服务器之间的连接安全。 这使黑客更难于窃听连接。

Each SSL / HTTPS enabled site is issued a unique SSL certificate for identification purposes. If a server is pretending to be on HTTPS, and its certificate doesn’t match, then most modern browsers will warn the user from connecting to the website.

每个启用SSL / HTTPS的站点都会获得一个唯一的SSL证书，以进行识别。 如果服务器假装使用HTTPS，并且其证书不匹配，则大多数现代浏览器都会警告用户不要连接到网站。

Last year, Google announced plans to improve overall web security by encouraging website owners to start using SSL / HTTPS.

去年，Google宣布了通过鼓励网站所有者开始使用SSL / HTTPS来改善整体网络安全的计划。

As part of this plan, Google’s Chrome web browser now marks all websites without an SSL certificate as “Not Secure”.

作为该计划的一部分，Google的Chrome网络浏览器现在将所有没有SSL证书的网站标记为“不安全”。

The ‘Not Secure’ label in the browser’s address bar gives a bad impression to your customers about your business.

浏览器地址栏中的“不安全”标签会使您的客户对您的业务印象不佳。

Aside from that, you also need SSL / HTTPS enabled if you want to make an online store or want to use payment services like PayPal, Stripe, Authorize.net, etc.

除此之外，如果您想建立在线商店或使用PayPal，Stripe，Authorize.net等付款服务 ，还需要启用SSL / HTTPS。

Considering the pros and cons, all websites need to switch to SSL / HTTPS.

考虑到利弊，所有网站都需要切换到SSL / HTTPS。

If you haven’t already done that, then head over to our guide on how to properly move WordPress from HTTP to HTTPs for step by step instructions.

如果您还没有这样做，请转到我们的指南，了解如何正确地将WordPress从HTTP迁移到HTTP ，以获取逐步说明。

Recommended: See our guide on how to get a free SSL certificate or buy a SSL certificate at a discount from Domain.com.

推荐：请参阅我们的指南， 以了解如何免费获取SSL证书或从Domain.com打折购买SSL证书。

That being said, let’s take a look at some of the common issues with SSL/HTTPS in WordPress and how to fix them.

话虽如此，让我们看一下WordPress中SSL / HTTPS的一些常见问题以及如何解决它们。

1.修复NET :: ERR_CERT_INVALID错误 (1. Fix NET::ERR_CERT_INVALID Error)

This error message appears in Google Chrome. Other browsers display this error with a slightly different message, but it basically warn users that their connection to your website is insecure.

此错误消息出现在Google Chrome中。 其他浏览器以略有不同的消息显示此错误，但基本上会警告用户其与您的网站的连接不安全。

This error message indicates that users’ browser didn’t accept the certificate presented by the website. This could happen due to a number of reasons:

此错误消息表示用户的浏览器不接受网站提供的证书。 发生这种情况可能有多种原因：

• The SSL certificate is issued to a different domain name or subdomain.
  SSL证书将颁发给其他域名或子域。
• The certificate has expired.
  证书已过期。
• Your browser doesn’t recognize certificate issuing authority.
  您的浏览器无法识别证书颁发机构。

If you purchased an SSL certificate and asked your WordPress hosting provider to install it for you, then you can contact them to fix it for you.

如果您购买了SSL证书，并要求WordPress托管提供商为您安装它，那么您可以联系他们为您修复它。

If you manually installed SSL certificate, then try reinstalling it or contact your SSL certificate provider for support.

如果您手动安装了SSL证书，请尝试重新安装它或与您的SSL证书提供商联系以获得支持。

2.将WordPress移至SSL / HTTPS后修复混合内容错误 (2. Fix Mixed Content Errors After Moving WordPress to SSL / HTTPS)

Mixed content errors are caused by sources (images, scripts, or stylesheets) that are still loading using the insecure HTTP protocol in the URLs.

内容混合错误是由仍使用URL中不安全的HTTP协议加载的源(图像，脚本或样式表)引起的。

If that is the case, then you will not be able to see a secure padlock icon in your website’s address bar.

如果是这种情况，那么您将无法在网站的地址栏中看到安全的挂锁图标。

There are two ways to fix SSL / HTTPS mixed content errors in WordPress. We will show you both of them and then you can pick one that works best for you.

有两种方法可以修复WordPress中的SSL / HTTPS混合内容错误。 我们将向您展示两者，然后您可以选择最适合自己的一种。

1. Fixed mixed content errors in WordPress using a Plugin

1.使用插件修复了WordPress中的混合内容错误

This method is easier and is recommended for beginners.

此方法更简单，建议初学者使用。

Simply install and activate the Really Simple SSL plugin. For more details, see our step by step guide on how to install a WordPress plugin.

只需安装并激活Really Simple SSL插件。 有关更多详细信息，请参阅有关如何安装WordPress插件的分步指南。

Upon activation, you need to visit Settings » SSL page to review plugin settings. Really Simple SSL works out of the box and will automatically take care of SSL / HTTPS settings and fix mixed content errors.

激活后，您需要访问设置»SSL页面以查看插件设置。 真正简单的SSL可以直接使用，将自动处理SSL / HTTPS设置并修复混合内容错误。

Note: The plugin attempts to fix mixed content errors by using output buffering technique. This can have a negative performance impact on your site. However, if you are using a caching plugin, then it will only impact the first page load.

注意：插件尝试使用输出缓冲技术来修复混合内容错误。 这可能会对您的网站造成负面的性能影响。 但是，如果您使用的是缓存插件，则只会影响首页加载。

2. Manually Fixed Mixed Content Errors in WordPress

2.手动修复WordPress中的混合内容错误

This method requires manual troubleshooting, but it is more effective and better for performance.

此方法需要手动进行故障排除，但是它更有效且性能更好。

First, you need to make sure that you are using HTTPS in WordPress settings. Go to Settings » General page and make sure that WordPress Address and Site Address options have HTTPS URLs.

首先，您需要确保在WordPress设置中使用HTTPS。 转到“设置”»“常规”页面，并确保WordPress地址和站点地址选项具有HTTPS URL。

If you see URLs starting with HTTP, then you need to go ahead and change them to HTTPS. Don’t forget to click on the save changes button to store your settings.

如果您看到以HTTP开头的URL，则需要继续并将其更改为HTTPS。 不要忘记单击“保存更改”按钮来存储您的设置。

Next, you need to find old HTTP URLs in your WordPress database and replace them with the new HTTPS URLs.

接下来，您需要在WordPress数据库中找到旧的HTTP URL，并将其替换为新的HTTPS URL。

You can easily do that by installing and activating the Better Search Replace plugin. For more details, see our step by step guide on how to install a WordPress plugin.

您可以通过安装并激活Better Search Replace插件轻松地做到这一点。 有关更多详细信息，请参阅有关如何安装WordPress插件的分步指南。

Upon activation, you need to visit Tools » Better Search Replace page. In the ‘Search’ field, you need to add your website URL with HTTP. After that, add your website URL with https in the ‘Replace’ field.

激活后，您需要访问工具»更好的搜索替换页面。 在“搜索”字段中，您需要使用HTTP添加网站URL。 之后，在“替换”字段中添加带有https的网站URL。

The plugin will now update URLs in your WordPress database.

插件现在将更新WordPress数据库中的URL。

If you are still seeing mixed content errors, then the next step is to troubleshoot URLs in your WordPress theme and plugins.

如果您仍然看到内容混合错误，则下一步是对WordPress主题和插件中的URL进行故障排除。

Using your browser’s Inspect tool, you will need to locate the resources causing the errors and where they are loading from.

使用浏览器的Inspect工具 ，您将需要定位导致错误的资源以及它们从何处加载。

For theme resources, you will need to find them in your WordPress theme and replace HTTP with HTTPS.

对于主题资源，您将需要在WordPress主题中找到它们，并将HTTP替换为HTTPS。

This part can be a bit difficult for beginners as they will have to look for the URLs in all theme files.

对于初学者来说，这部分可能会有些困难，因为他们将不得不在所有主题文件中查找URL。

If you are unable to find them yourself, then you can also reach out to theme developer and request them to update their theme. They will need to use WordPress best practices to load files, which will fix the HTTP/HTTPS issue.

如果您自己找不到它们，则还可以与主题开发者联系，并要求他们更新主题。 他们将需要使用WordPress最佳做法来加载文件，这将解决HTTP / HTTPS问题。

Same goes for the mixed content loaded by a WordPress plugin. We don’t recommend editing plugin files yourself to change the URLs. You should notify the plugin developer and request them for an update. Meanwhile, you can disable the plugin on your site or find an alternative plugin.

WordPress插件加载的混合内容也是如此。 我们不建议您自己编辑插件文件来更改URL。 您应该通知插件开发人员，并要求他们进行更新。 同时，您可以在您的站点上禁用该插件或找到其他插件 。

3.移至SSL / HTTPS后修复过多的重定向错误 (3. Fix Too Many Redirects Errors After Moving to SSL / HTTPS)

WordPress allows you to enforce SSL / HTTPS for the admin area by entering the following line into your wp-config.php file.

WordPress允许您通过在wp-config.php文件中输入以下行来对管理区域实施SSL / HTTPS。

define('FORCE_SSL_ADMIN', true);

However, in some scenarios this setting alone would cause ‘Too many redirects‘ error. To fix this, you will need to add the following code to your wp-config.php file just before the line that says ‘That’s all, stop editing! Happy blogging.’.

但是，在某些情况下，仅此设置将导致“ 太多重定向 ”错误。 要解决此问题，您需要在以下代码行之前添加以下代码到wp-config.php文件：“就这样，停止编辑！ 祝您博客愉快。

define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain 
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
       $_SERVER['HTTPS']='on';

4.修复WordPress HTTP到HTTPS重定向 (4. Fix WordPress HTTP to HTTPS Redirect)

WordPress will not automatically redirect HTTP requests to HTTPS unless you tell it to do so. If you are using a plugin like Really Simple SSL, then it would take care of redirects. Otherwise, you will have to manually set up redirects.

除非您告诉WordPress，否则WordPress不会自动将HTTP请求重定向到HTTPS。 如果您使用的是Really Simple SSL之类的插件，则它将负责重定向。 否则，您将必须手动设置重定向。

To set up HTTP to HTTPS redirect, you need to add the following code to your .htaccess file.

要将HTTP设置为HTTPS重定向，您需要将以下代码添加到.htaccess文件中 。

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

We hope this article helped you fix some common issues with SSL / HTTPS in WordPress. If you run into an issue that’s not covered in this article, then please leave a comment to let us know. We will update the article with the solution. You may also want to see our ultimate WordPress security guide with step by step instructions for beginners to secure their WordPress websites.

我们希望本文能帮助您解决WordPress中SSL / HTTPS的一些常见问题。 如果您遇到本文未涉及的问题，请发表评论以告知我们。 我们将使用解决方案更新本文。 您可能还想查看我们的终极WordPress安全指南，其中包含针对初学者的逐步说明，以保护其WordPress网站。

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

如果您喜欢这篇文章，请订阅我们的YouTube频道 WordPress视频教程。 您也可以在Twitter和Facebook上找到我们。

翻译自: https://www.wpbeginner.com/wp-tutorials/how-to-fix-common-ssl-issues-in-wordpress-beginners-guide/

wordpress ssl