admin管理员组

文章数量:1326036

I am using a plugin **Really Simple SSL** that configured to use SSL. And I use WP Migrate Pro to move my DB from local to remote. But I usually run into the problem of pulling the DB from productions to localhost during development, most of my links on the localhost are using https.

I do not want to set SSL on my local development.

Presently, I deactivate the plugin Really Simple SSL using `wp cli'. Next, I have to Find and Replace https to http on the localhost. That makes updates to be using unsecured repos and my fonts, css and cdn use http which create a new security risk for my development which would eventually end on in production.

What is the best approach so that I do not expose my production to security risk after development?

I am using a plugin **Really Simple SSL** that configured to use SSL. And I use WP Migrate Pro to move my DB from local to remote. But I usually run into the problem of pulling the DB from productions to localhost during development, most of my links on the localhost are using https.

I do not want to set SSL on my local development.

Presently, I deactivate the plugin Really Simple SSL using `wp cli'. Next, I have to Find and Replace https to http on the localhost. That makes updates to be using unsecured repos and my fonts, css and cdn use http which create a new security risk for my development which would eventually end on in production.

What is the best approach so that I do not expose my production to security risk after development?

  • wp-cli
  • https
  • local-installation
  • development-strategy
  • production
Share Improve this question edited Sep 16, 2020 at 12:18 pensebien asked Sep 8, 2020 at 9:14 pensebienpensebien 1417 bronze badges 9
  • Why do you not want to use SSL on local? Keep in mind that you don't need an SSL plugin, you can set the sites URL option to use https, as long as your content uses https URLs and you're not using http hardcoded in your theme everything's fine. I've never needed t install a plugin like Really Simple SSL. The real answer is to use HTTPS everywhere – Tom J Nowell Commented Sep 8, 2020 at 9:53
  • @TomJNowell you advice I use https in the wp-config file. But some plugin do not go over SSL, and development because bad when the network is not very good. – pensebien Commented Sep 8, 2020 at 9:56
  • That's not the same as what I suggested. Why are you insisting on no https locally? – Tom J Nowell Commented Sep 8, 2020 at 9:57
  • Then you need to contact the plugin authors, those are very poorly built plugins ( or it's because you did not set up SSL and used a plugin to "fix" it ) – Tom J Nowell Commented Sep 8, 2020 at 9:58
  • On production, I setup SSL and AWS needs that particular plugin as part of the process of setup the SSL. here. On my local dev, I do not need it. Based on experience, it speeds up my development. – pensebien Commented Sep 8, 2020 at 10:01
 |  Show 4 more comments

1 Answer 1

Reset to default 1

The correct approach is to use HTTPS everywhere, and to migrate to SSL properly:

  • remove the Really Simple SSL plugin
  • change your sites URL option to the https version
  • search replace your database so all content uses the https URL via WP CLI or a search replace tool ( do not use an SQL query it will break things )
  • update any hardcoded strings in your theme from http to https

Then finally:

  • set up a local SSL certificate and trust it in your browser

A lot of local dev environments will generate the certificate automatically, e.g. VVV or Local.

The alternative is a painful manual search replace each and every time you pull changes down, and push changes up.

本文标签: wp cliHow best to keep my localhost on Http while my Remote production is on Https

版权声明:本文标题:wp cli - How best to keep my localhost on Http while my Remote production is on Https 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742116792a2421505.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。