[wp-trac] [WordPress Trac] #52783: Health Check mis-reports https functionality in certain situations

Tue Apr 13 15:44:05 UTC 2021

#52783: Health Check mis-reports https functionality in certain situations
-------------------------------------------------+-------------------------
 Reporter:  Ipstenu                              |       Owner:
                                                 |  peterwilsoncc
     Type:  defect (bug)                         |      Status:  closed
 Priority:  normal                               |   Milestone:  5.7.1
Component:  Site Health                          |     Version:  5.7
 Severity:  normal                               |  Resolution:  fixed
 Keywords:  has-patch has-unit-tests commit      |     Focuses:
  fixed-major                                    |
-------------------------------------------------+-------------------------

Comment (by Ipstenu):

 >  But it seems like we are closing this because of a lack of
 documentation about the issue we've fixed in this ticket?

 I'm totally fine with the documentation being a separate ticket, on the
 basis of these fixes. But I '''strongly''' feel it's our responsibility to
 educate users as to WHY this matters. it's the same reason why we have to
 be careful when we tell people "Hey, your PHP is old." Yes, it matters
 greatly, but at the same time, if we don't explain why and where to go,
 we're failing at the ultimate purpose of the health check!

 To whit: If people can't solve the problems on the Health Check page, we
 have ''failed'' to properly explain the issue and direct them forward.

 Since you asked this:

 > So what would this documentation concretely be?

 The simplest is "Why this matters..."

 If someone gets a message on our check-health pages, it's '''our
 responsibility''' to make sure they understand what the message means and
 ''why'' it matters,

 For example, a document that does something like this...

 "As of [year], it has become imperative that all websites use HTTPS for
 all communications, even something as straightforward as delivering a
 static about page, in order to protect visitors. Search Engines actively
 downgrade you, and many browsers will block users from accessing your
 website. As such, WordPress feels it's highly important that all websites
 can support HTTPS connections. While WordPress itself can change the URLs
 on your site to use that protocol, you will need to add an SSL certificate
 to your site. In many cases, this will require you to contact your webhost
 directly."

 Essentially we're telling them "This is the reason this matters, here's
 how you can go about fixing it."

 That way they're educated going forward, we're giving them the tools to
 get it fixed, and hopefully everyone moves to HTTPS :)

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/52783#comment:54>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform