Make WordPress Core


Ignore:
Timestamp:
09/22/2023 07:06:45 PM (13 months ago)
Author:
adamsilverstein
Message:

Security: remove the cron event that checked for https support.

Fix an issue where a cron job ran every 12 hours to check for https support - even when https support was already enabled. The check is now run only when the user visits the Site Health page. Reducing the unneeded requests lowers the impact and load of hosting WordPress sites.

The wp_update_https_detection_errors function is deprecated and the https_detection_errors option that was previously set by the cron job is no longer maintained. The pre_wp_update_https_detection_errors filter is deprecated and replaced by the pre_wp_get_https_detection_errors filter which serves the same function.

Props audrasjb, johnbillion, Michi91.
Fixes #58494.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-wp-site-health.php

    r56549 r56664  
    15561556    public function get_test_https_status() {
    15571557        /*
    1558          * Enforce fresh HTTPS detection results. This is normally invoked by using cron,
    1559          * but for Site Health it should always rely on the latest results.
     1558         * Check HTTPS detection results.
    15601559         */
    1561         wp_update_https_detection_errors();
     1560        $errors = wp_get_https_detection_errors();
    15621561
    15631562        $default_update_url = wp_get_default_update_https_url();
Note: See TracChangeset for help on using the changeset viewer.