The SSL Redirect plugin is able to redirect non-secure HTTP-pages to secure HTTPS-pages, and back again. Which pages need to be served through SSL and which not, can be configured through plugin parameters: Per Menu-Item, per component, etcetera.
Want to see SSL Redirection in action?
Your extension SSLRedirect is perfect! And setup is easy.
The Joomla! Global Configuration allows you to configure SSL, but if a visitor enters a Joomla! page through non-HTTPS, this visitor is not automatically redirected. Also you can't enable SSL for just some pages, while all other pages are served through regular HTTP.
While the Apache
htaccess file can be configured to contain RewriteRules for this, it is much more complicated and error prone. This is the main reason why the Yireo SSL Redirect plugin was developed.
With Joomla 3, the Global Configuration contains a setting Enforce SSL which allows you to enforce HTTPS upon your entire site. If you want to use SSL for all your pages, our plugin is not needed - you can simply use this core setting. If you want to implement SSL only partially, our plugin offers the solution though. However, if you want to use SSL for all your pages, and you want to have SSL guaranteed, and you want to set the HTST flag in your headers, again our plugin pays off.
We recommend you implement SSL on all your pages. Google will rank your site higher if you do so. The performance loss is not something you should be worried about - it is so small, that you are simply better of switching entirely to SSL.
For more details, see the SSLRedirect guide.
Maintaining a hosting environment properly can be tough at times, especially when it comes to SSL. In the last years, the most common SSL implementation - OpenSSL - has had severe security issues: Heartbleed, FREAK, SSL 3.0 vulnerabilities, POODLE. Staying up to date with your SSL certificate is a must. If you want us to check your SSL environment to scan for any issues, we are the right partner for you.
Perhaps you have a control panel to make things easier - CPanel, DirectAdmin, Plesk - but installing an SSL certificate might still be a complex thing: How to generate a CSR? How to bundle multiple chain-certificates into 1 single chain-file? Don't worry, you don't need to know everything - we are here to help you out.
While in the past SSL certificates were expensive, since end of 2015 there is LetsEncrypt - an open source initiative to create free certificates. We are using LetsEncrypt on numerous sites already, and we are happy to help you implement it on your server.
If you need help configuring your SSL certificate, if you want to properly setup your htaccess file, or if you want to make sure SSL situation is actually secure and supported across all browsers, Yireo gives you the expertise. Check out our Custom Development services for more information.