Title: Volixta SSL & Security Headers Author: VOLIXTA TEAM Published: 2025 年 10 月 2 日 Last modified: 2026 年 5 月 20 日 --- 搜尋外掛 ![](https://ps.w.org/volixta-ssl-security-headers/assets/banner-772×250.png?rev= 3371933) ![](https://ps.w.org/volixta-ssl-security-headers/assets/icon-256x256.png?rev=3371933) # Volixta SSL & Security Headers 由 [VOLIXTA TEAM](https://profiles.wordpress.org/volixta/) 開發 [下載](https://downloads.wordpress.org/plugin/volixta-ssl-security-headers.1.1.5.zip) * [詳細資料](https://tw.wordpress.org/plugins/volixta-ssl-security-headers/#description) * [使用者評論](https://tw.wordpress.org/plugins/volixta-ssl-security-headers/#reviews) * [安裝方式](https://tw.wordpress.org/plugins/volixta-ssl-security-headers/#installation) * [開發資訊](https://tw.wordpress.org/plugins/volixta-ssl-security-headers/#developers) [技術支援](https://wordpress.org/support/plugin/volixta-ssl-security-headers/) ## 外掛說明 Is your WordPress site still serving pages over **HTTP** instead of **HTTPS**? Do you see browser warnings like _“Not Secure”_ even though you installed SSL? Are you getting **mixed content errors** in Chrome or Firefox after enabling HTTPS? Is your Site Health report complaining about missing **security headers**? 👉 **Volixta SSL & Security Headers fixes all of these in a few clicks.** Easily **activate SSL**, **force 301 redirects**, repair **mixed content**, and apply recommended **WordPress security headers** like HSTS, CSP, and X-Frame-Options. ### 🔐 What does Volixta do? * **Activate SSL automatically**: safely update your WordPress `home` and `siteurl` to use `https://`. * **Force HTTPS with 301 redirect**: adds a safe `.htaccess` block on Apache/LiteSpeed, or falls back to a PHP redirect if needed. * **Fix mixed content**: scans your posts, postmeta, and options for `http://` links and replaces them with `https://` (serialization-safe). * **Apply modern HTTP Security Headers**: HSTS, Content-Security-Policy (`upgrade- insecure-requests`), X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP/ COEP/CORP. * **Nginx friendly**: when `.htaccess` is not available, Volixta shows ready-to- copy Nginx rules. * **Site Health integration**: checks for SSL, redirects, and security headers. ### ✅ Why choose Volixta? * **Safe by design** Nothing is applied automatically. You choose what to enable. Each `.htaccess` modification creates a timestamped backup. * **Serialization-safe mixed content fixer** No risk of breaking complex serialized data in `postmeta` or `options`. * **Admin-only processing** Everything runs in the admin area. The frontend only uses the optional PHP redirect when required. * **Localhost aware** Detects local environments (`localhost`, `.local`, `.test`) and provides instructions for enabling trusted HTTPS locally with [mkcert](https://github.com/FiloSottile/mkcert). ### 🔎 Typical problems solved **How do I activate SSL in WordPress?** One click in Volixta updates your site to HTTPS safely. **How do I force HTTPS with 301 redirects?** Volixta inserts a safe `.htaccess` redirect or uses a PHP fallback. **My Site Health report says “No security headers detected”.** Apply modern ** security headers** in one click. **How can I add WordPress security headers without editing code?** Configure and apply headers from the plugin interface. **After enabling SSL, my site still shows mixed content errors.** Run the Mixed Content Scan + Fixer. **I’m on Nginx, so .htaccess doesn’t work.** Volixta provides ready-to-copy Nginx configuration snippets. ### Privacy This plugin does not collect, store, or transmit personal data. ### Localization Text domain: `volixta-ssl-security-headers` Load path: `/languages` ### What’s Next If you like this plugin, check out our other tools: * [VOLIXTA Booking – The All-in-One WordPress Booking Plugin](https://volixta.com) Manage unlimited staff, services, clients, payments, and locations in one powerful system. * [VOLIXTA Security Suite – Advanced WordPress Security Made Simple](https://volixta.com/volixta-security-suite) ## 螢幕擷圖 * [[ * Dashboard showing SSL, redirect, headers, and server checks * [[ * One-click SSL activation and HTTPS redirect * [[ * Mixed content scan and fixer * [[ * Security headers configuration panel ## 安裝方式 1. Upload to `/wp-content/plugins/` or install from the WordPress plugin directory. 2. Activate the plugin. 3. Open **Volixta SSL & Security** in the admin menu. 4. With a valid SSL certificate: 5. * Click **Activate SSL** to update WordPress URLs to HTTPS. * Click **Enable HTTPS Redirect** to force HTTPS. * Click **Apply Security Headers**. ## 常見問題集 ### How do I activate SSL in WordPress? Open Volixta click **Activate SSL**. The plugin updates your WordPress and Site URL to HTTPS. ### How do I add security headers in WordPress? Go to the **Security Headers** panel and click **Apply Security Headers**. ### Does it modify .htaccess? Yes, but only when you trigger an action manually. Blocks are clearly wrapped: * `# BEGIN Volixta HTTPS Redirect` * `# END Volixta HTTPS Redirect` Each change creates a backup file. ### Will it work on Nginx? Yes. Volixta shows Nginx configuration snippets for redirects and headers. ### Does it slow down my site? No. Everything runs only in the admin panel. On the frontend, only the optional PHP redirect runs when enabled. ### Can I use it locally? Yes. Local environments are detected automatically and instructions are provided to enable HTTPS with mkcert. ### Where are settings stored? Only minimal configuration is stored in `wp_options`: – headers configuration – redirect flag – mixed content scan results ## 使用者評論 ![](https://secure.gravatar.com/avatar/d4c81b275b28a38eb7defaf7d9a5a4844393f68a125dbcf2df9ddd9b7e08b9f9? s=60&d=retro&r=g) ### 󠀁[Helpful tool for cleaning up SSL issues](https://wordpress.org/support/topic/helpful-tool-for-cleaning-up-ssl-issues/)󠁿 [kayan1985](https://profiles.wordpress.org/kayan1985/) 2025 年 11 月 27 日 After switching my site to HTTPS, I kept seeing small issues I couldn’t fully trace. This plugin helped me sort everything out quickly — redirects, old HTTP links, and missing headers. The interface is straightforward and nothing feels complicated. It just makes the whole SSL setup cleaner and more reliable. ![](https://secure.gravatar.com/avatar/5107adb7ba8e740684d774dc9d36af8a1d06d755f6f61d72b3a3f0869196b74c? s=60&d=retro&r=g) ### 󠀁[Great plugin for security headers](https://wordpress.org/support/topic/excellent-security-headers-plugin/)󠁿 [annaweb2020](https://profiles.wordpress.org/annaweb2020/) 2025 年 10 月 19 日 Super easy way to add proper security headers. Safe to use, clean interface, and it just works. ![](https://secure.gravatar.com/avatar/10094133067e25ceb404102da36dd6ea8efc8b785d9bd4afcec2bf9cfad163e5? s=60&d=retro&r=g) ### 󠀁[Fixed Everything Smoothly](https://wordpress.org/support/topic/fixed-everything-smoothly/)󠁿 [webdevera](https://profiles.wordpress.org/webdevera/) 2025 年 10 月 15 日 I was having some trouble with mixed content and partial redirects after enabling SSL.Tried Volixta SSL out of curiosity and it handled everything automatically.All HTTP links were replaced correctly, and the security headers feature added an extra layer of protection without any hassle.Solid plugin — simple, effective, and lightweight. [ 閱讀全部 4 則使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/) ## 參與者及開發者 以下人員參與了開源軟體〈Volixta SSL & Security Headers〉的開發相關工作。 參與者 * [ VOLIXTA TEAM ](https://profiles.wordpress.org/volixta/) [將〈Volixta SSL & Security Headers〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/volixta-ssl-security-headers) ### 對開發相關資訊感興趣? 任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/volixta-ssl-security-headers/)、 查看 [SVN 存放庫](https://plugins.svn.wordpress.org/volixta-ssl-security-headers/), 或透過 [RSS](https://plugins.trac.wordpress.org/log/volixta-ssl-security-headers/?limit=100&mode=stop_on_copy&format=rss) 訂閱[開發記錄](https://plugins.trac.wordpress.org/log/volixta-ssl-security-headers/)。 ## 變更記錄 #### 1.1.5 – 2026-05-21 * Tested up to WordPress 7.0 #### 1.1.4 – 2026-03-11 * Updated readme.txt #### 1.1.3 – 2026-03-09 * Removed the Security Hardening module to improve stability and compatibility. #### 1.1.2 – 2025-12-10 * Added new Hardening module: - Secure & HttpOnly cookies (adds COOKIE_SECURE and COOKIE_HTTPONLY to wp-config. php) - Disable directory indexing by inserting “Options -Indexes” into .htaccess - Block user enumeration (?author=ID and REST API `/wp/v2/users`) * Improved PHPCS compliance and sanitization for user enumeration blocking * Updated uninstall routine to remove new hardening options * UI enhancements for Security Hardening settings panel * Updated readme.txt #### 1.1.1 Tested up to WordPress 6.9. #### 1.1.0 Improved SSL detection and code compliance. #### 1.0.10 Updated readme. #### 1.0.0 Initial release. ## 中繼資料 * 版本 **1.1.5** * 最後更新 **2 週前** * 啟用安裝數 **70+** * WordPress 版本需求 ** 5.8 或更新版本 ** * 已測試相容的 WordPress 版本 **7.0** * PHP 版本需求 ** 7.4 或更新版本 ** * 語言 * [English (US)](https://wordpress.org/plugins/volixta-ssl-security-headers/) * 標籤: * [https](https://tw.wordpress.org/plugins/tags/https/)[mixed content](https://tw.wordpress.org/plugins/tags/mixed-content/) [Security Headers](https://tw.wordpress.org/plugins/tags/security-headers/)[ssl](https://tw.wordpress.org/plugins/tags/ssl/) * [進階檢視](https://tw.wordpress.org/plugins/volixta-ssl-security-headers/advanced/) ## 評分 5 星,滿分為 5 星 * [ 3 個 5 星使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/?filter=5) * [ 0 個 4 星使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/?filter=4) * [ 0 個 3 星使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/?filter=3) * [ 0 個 2 星使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/?filter=2) * [ 0 個 1 星使用者評論 ](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/#new-post) [查看全部使用者評論](https://wordpress.org/support/plugin/volixta-ssl-security-headers/reviews/) ## 參與者 * [ VOLIXTA TEAM ](https://profiles.wordpress.org/volixta/) ## 技術支援 使用者可在技術支援論壇提出意見反應或使用問題。 [檢視技術支援論壇](https://wordpress.org/support/plugin/volixta-ssl-security-headers/)