內容簡介
如果您的網站有一個 SSL 憑證,您可能發現可以通過 SSL(https)和非 SSL(http)的 URL 訪問該網站。這對於安全性和 SEO 來說都是不好的,因為它可能看起來像不同 URL 上的重複內容。
這個問題的解決方法是使用名為 301 重定向的方式將非 SSL(http)URL 的請求重定向到它們的 SSL(https)等價物。這告訴客戶端(以及搜索引擎)他們正在尋找的資源應始終通過 SSL 訪問。此外,該外掛提供兩種實現這一功能的方法:
在 header 時拦截 WordPress 頁面,並且如果它們尚未使用 HTTPS 請求則發送 301 重定向 header;或者
在 .htaccess 文件中添加 mod_rewrite 規則,以使用 301 重定向將所有請求重定向到它們的 HTTPS 等價物。
此外,這個外掛還可以為您設置 HSTS header,並確保所有請求使用相同的主機名(即解決了可以使用 www. 和非 www. URL 訪問許多網站的問題)。
外掛標籤
開發者團隊
原文外掛簡介
If your site has an SSL certificate you might find that you can access the site via both SSL (https) and non-SSL (http) URLs. This is a bad idea for security, and for SEO, as it can look like duplicate content on different URLs.
The answer to this is to redirect requests to non-SSL (http) URLs over to their SSL (https) equivalents using something called a 301 redirect. This tells the client (and search engines) that the resource they are looking for should always be accessed over SSL. This plugin offers two methods to achieve this:
By intercepting WordPress pages at header time, and if they are not already being requested over HTTPS sending a 301 redirect header, or
By adding mod_rewrite rules in the .htaccess file to redirect all requests to their HTTPS equivalents using 301 redirects.
Optionally, this plugin can also set HSTS headers for you, and make sure that all requests use the same hostname (i.e. fixing the issue where many sites can be accessed using both www. and non-www. URLs).
