WP_Site_Health::get_test_https_status(): array

In this article

Tests if the site is serving content over HTTPS.

Description

Many sites have varying degrees of HTTPS support, the most common of which is sites that have it enabled, but only if you visit the right site address.

Return

array The test results.

Source

public function get_test_https_status() {
	/*
	 * Check HTTPS detection results.
	 */
	$errors = wp_get_https_detection_errors();

	$default_update_url = wp_get_default_update_https_url();

	$result = array(
		'label'       => __( 'Your website is using an active HTTPS connection' ),
		'status'      => 'good',
		'badge'       => array(
			'label' => __( 'Security' ),
			'color' => 'blue',
		),
		'description' => sprintf(
			'<p>%s</p>',
			__( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' )
		),
		'actions'     => sprintf(
			'<p><a href="%s" target="_blank">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
			esc_url( $default_update_url ),
			__( 'Learn more about why you should use HTTPS' ),
			/* translators: Hidden accessibility text. */
			__( '(opens in a new tab)' )
		),
		'test'        => 'https_status',
	);

	if ( ! wp_is_using_https() ) {
		/*
		 * If the website is not using HTTPS, provide more information
		 * about whether it is supported and how it can be enabled.
		 */
		$result['status'] = 'recommended';
		$result['label']  = __( 'Your website does not use HTTPS' );

		if ( wp_is_site_url_using_https() ) {
			if ( is_ssl() ) {
				$result['description'] = sprintf(
					'<p>%s</p>',
					sprintf(
						/* translators: %s: URL to Settings > General > Site Address. */
						__( 'You are accessing this website using HTTPS, but your <a href="%s">Site Address</a> is not set up to use HTTPS by default.' ),
						esc_url( admin_url( 'options-general.php' ) . '#home' )
					)
				);
			} else {
				$result['description'] = sprintf(
					'<p>%s</p>',
					sprintf(
						/* translators: %s: URL to Settings > General > Site Address. */
						__( 'Your <a href="%s">Site Address</a> is not set up to use HTTPS.' ),
						esc_url( admin_url( 'options-general.php' ) . '#home' )
					)
				);
			}
		} else {
			if ( is_ssl() ) {
				$result['description'] = sprintf(
					'<p>%s</p>',
					sprintf(
						/* translators: 1: URL to Settings > General > WordPress Address, 2: URL to Settings > General > Site Address. */
						__( 'You are accessing this website using HTTPS, but your <a href="%1$s">WordPress Address</a> and <a href="%2$s">Site Address</a> are not set up to use HTTPS by default.' ),
						esc_url( admin_url( 'options-general.php' ) . '#siteurl' ),
						esc_url( admin_url( 'options-general.php' ) . '#home' )
					)
				);
			} else {
				$result['description'] = sprintf(
					'<p>%s</p>',
					sprintf(
						/* translators: 1: URL to Settings > General > WordPress Address, 2: URL to Settings > General > Site Address. */
						__( 'Your <a href="%1$s">WordPress Address</a> and <a href="%2$s">Site Address</a> are not set up to use HTTPS.' ),
						esc_url( admin_url( 'options-general.php' ) . '#siteurl' ),
						esc_url( admin_url( 'options-general.php' ) . '#home' )
					)
				);
			}
		}

		if ( wp_is_https_supported() ) {
			$result['description'] .= sprintf(
				'<p>%s</p>',
				__( 'HTTPS is already supported for your website.' )
			);

			if ( defined( 'WP_HOME' ) || defined( 'WP_SITEURL' ) ) {
				$result['description'] .= sprintf(
					'<p>%s</p>',
					sprintf(
						/* translators: 1: wp-config.php, 2: WP_HOME, 3: WP_SITEURL */
						__( 'However, your WordPress Address is currently controlled by a PHP constant and therefore cannot be updated. You need to edit your %1$s and remove or update the definitions of %2$s and %3$s.' ),
						'<code>wp-config.php</code>',
						'<code>WP_HOME</code>',
						'<code>WP_SITEURL</code>'
					)
				);
			} elseif ( current_user_can( 'update_https' ) ) {
				$default_direct_update_url = add_query_arg( 'action', 'update_https', wp_nonce_url( admin_url( 'site-health.php' ), 'wp_update_https' ) );
				$direct_update_url         = wp_get_direct_update_https_url();

				if ( ! empty( $direct_update_url ) ) {
					$result['actions'] = sprintf(
						'<p class="button-container"><a class="button button-primary" href="%1$s" target="_blank">%2$s<span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
						esc_url( $direct_update_url ),
						__( 'Update your site to use HTTPS' ),
						/* translators: Hidden accessibility text. */
						__( '(opens in a new tab)' )
					);
				} else {
					$result['actions'] = sprintf(
						'<p class="button-container"><a class="button button-primary" href="%1$s">%2$s</a></p>',
						esc_url( $default_direct_update_url ),
						__( 'Update your site to use HTTPS' )
					);
				}
			}
		} else {
			// If host-specific "Update HTTPS" URL is provided, include a link.
			$update_url = wp_get_update_https_url();
			if ( $update_url !== $default_update_url ) {
				$result['description'] .= sprintf(
					'<p><a href="%s" target="_blank">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
					esc_url( $update_url ),
					__( 'Talk to your web host about supporting HTTPS for your website.' ),
					/* translators: Hidden accessibility text. */
					__( '(opens in a new tab)' )
				);
			} else {
				$result['description'] .= sprintf(
					'<p>%s</p>',
					__( 'Talk to your web host about supporting HTTPS for your website.' )
				);
			}
		}
	}

	return $result;
}

Changelog

VersionDescription
5.7.0Updated to rely on wp_is_using_https() and wp_is_https_supported().
5.2.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.