Make WordPress Core

Opened 8 years ago

Last modified 7 years ago

#37148 new defect (bug)

Links in notification emails appearing as https

Reported by: leec87's profile leec87 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Administration Keywords: https
Focuses: Cc:


I have received several notification emails as an Administrator instructing me that Wordpress has been updated to the latest version.

However, all of the links contained within all of the emails output the URL as https://, and not whatever is stated within the Wordpress Site URL setting in General.

This leads to any link that is visited displaying a 'Connection not secure' message, as there is no SSL certificate for that domain name.

Attachments (1)

Wordpress_adminEmails_https.jpg (22.5 KB) - added by leec87 8 years ago.
Screenshot of email received containing https:// links

Download all attachments as: .zip

Change History (8)

8 years ago

Screenshot of email received containing https:// links

#1 @johnbillion
8 years ago

  • Keywords reporter-feedback added

Thanks for the ticket @leec87, and welcome to WordPress Trac.

Is there any part of your website that is configured to use https? Is your site part of a WordPress Multisite network? If so, can you provide some details?

If not, have you tried deactivating your plugins one by one to see if the problem is being caused by a plugin? Also try switching to one of the default themes such as Twenty Fifteen in case your theme is at fault.

#2 @leec87
8 years ago

  • Keywords reporter-feedback removed

The various sites I've seen emails from, are using different sets of templates and plugins. They are not in multisite environments, neither are they set to use https:// anywhere in the configurations.

Thanks for the welcome. Advanced apologies if I leave anything out, this is my first time. And I'm relatively new to committing push requests on GitHub etc, but pleased to try and help the community.

#3 @ocean90
8 years ago

  • Keywords reporter-feedback added
  • Version trunk deleted

@leec87 Is this also the case for other emails like for comment moderation emails?

#4 @alancolyer
8 years ago

Just to confirm I'm seeing the same issue, in every update email, from > 70 wordpress sites that I administer.
Of those, a single one is configured to use SSL via a plugin, the others are not.

They use a wide variety of plugins and themes. In all cases the theme has been created or modified by us, so I can say that there is nothing in their themes that intentionally modifies links in WP emails. None of them are multisites.

Due to the nature of this email, I can't comment if the latest version has this bug as it will only send an email on the next auto-update. I'll update this ticket if I receive such an email from a 4.5.3 install once 4.5.4 is released.

When I've received other emails (e.g password resets) from wordpress the links have been correct - as far as I've seen it's just the core update notification emails that show this issue.

Here's the raw source of one of these emails, with domain removed - this came from a 4.4.X install that updated itself to 4.4.4:

Howdy! Your site at has been updated automatically to WordPress 4.4.4.

For more on version 4.4.4, see the About WordPress screen:

WordPress 4.5.3 is also now available. Updating is easy and only takes a few moments:

If you experience any issues or need support, the volunteers in the support forums may be able to help.

Keeping your site updated is important for security. It also makes the internet a safer place for you and your readers.

The WordPress Team

EDIT: I also have several comment moderation emails from this same group of sites, the links in those are correct.

Last edited 8 years ago by alancolyer (previous) (diff)

#5 @johnbillion
8 years ago

  • Keywords https added

This ticket was mentioned in Slack in #forums by ocean90. View the logs.

8 years ago

#7 @leec87
7 years ago

  • Keywords reporter-feedback removed

This does not happen in comment emails.

Note: See TracTickets for help on using tickets.