How best to keep my localhost on Http while my Remote production is on Https

I am using a plugin **Really Simple SSL** that configured to use SSL. And I use WP Migrate Pro to move my DB from local to remote. But I usually run into the problem of pulling the DB from productions to localhost during development, most of my links on the localhost are using https.

I do not want to set SSL on my local development.

Presently, I deactivate the plugin Really Simple SSL using `wp cli'. Next, I have to Find and Replace https to http on the localhost. That makes updates to be using unsecured repos and my fonts, css and cdn use http which create a new security risk for my development which would eventually end on in production.

What is the best approach so that I do not expose my production to security risk after development?

Topic development-strategy wp-cli local-installation https production Wordpress

Category Web

1
answered at

The correct approach is to use HTTPS everywhere, and to migrate to SSL properly:

  • remove the Really Simple SSL plugin
  • change your sites URL option to the https version
  • search replace your database so all content uses the https URL via WP CLI or a search replace tool ( do not use an SQL query it will break things )
  • update any hardcoded strings in your theme from http to https

Then finally:

  • set up a local SSL certificate and trust it in your browser

A lot of local dev environments will generate the certificate automatically, e.g. VVV or Local.

The alternative is a painful manual search replace each and every time you pull changes down, and push changes up.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.