Are you an expert developer? Find the code on GitHub: https://github.com/littlebizzy/force-https
Want guaranteed help and support, and easier plugin downloads/updates?
Become a LittleBizzy.com member for just $39
Protocol-relative URLs are not being recommended anymore by some web experts, because the “secure by default” mindset and rapid adaption of SSL (TLS) over HTTPS has surged ahead in the past few years. Still, the problem with WordPress is that it relies on absolute paths/URLs whenever referencing hyperlinks or static resources. So, when the typical WordPress webmaster orders “SSL” from their web host and activates it, one or more things happens:
1. Now their site is loading on both protocols, resulting in duplicate content issues, security concerns, and browser warnings in regard to insecure resources.
2. Smarter web hosts or webmasters might 301 redirect the HTTP version to HTTPS, but resources in the page source code are not fixed. In efect, this cancels out the security benefits and performance benefits of HTTP/2 as well, not to mention the browser warnings that accompany.
This plugin not only makes SURE that HTTP versions of pages site-wide are 301 redirected to their HTTPS equivalent, but it also changes all static resources to use protocol-relevant URLs. But you are wondering why we use relevant URLs if experts are no longer recommending that? Well, If this plugin is installed, the worry over protocol relevancy is null, because this plugin first enforces the HTTPS redirects before implementing relative protocol sources.