Marketing Tool AI | The Future of Digital Growth
Get Started

AI Pro SSL Documentation

Overview

AI Pro SSL helps you switch to HTTPS safely, fix mixed content, and apply modern security headers—with a simple dashboard and a built-in configuration scanner. You get all features free for 30 days; after that, add a license key to keep using Pro.

Made by: AI Marketing Tools
Homepage & docs: marketingtoolai.com (all links below point there)

Requirements

  • WordPress: 5.8 or newer
  • PHP: 7.4 or newer
  • TLS Certificate: Any valid SSL/TLS certificate (Let’s Encrypt, cPanel/Host, Cloudflare, etc.)
  • Permissions: WordPress admin (capability manage_options)

Install & Activate

  1. In WP Admin → Plugins → Add New → Upload, install the ZIP you received.
  2. Activate AI Pro SSL.
  3. Go to AI Pro SSL → Dashboard and click Run Scan.
    The progress card will highlight any remaining setup tasks.

Tip: Deactivate other “HTTPS/SSL” plugins while configuring AI Pro SSL to avoid duplicate redirects.

Trial & Licensing

You can use all features for 30 days without a key. After that, the controls lock until you enter a license.

Where: AI Pro SSL → Dashboard → License
Fields:

  • License Key – provided by AI Marketing Tools.
  • License Server URL – the endpoint that issues/validates keys (from your AIMarketer License Manager).
  • API Secret (optional) – if your license server requires a shared secret header.
  • Product ID (optional) – if your license server binds keys to products/SKUs.

Buttons:

  • Save – store the above values.
  • Activate – binds the key to the current domain/instance.
  • Deactivate – releases the activation slot for this domain.
  • Refresh Status – rechecks status/remaining activations.

License API (for reference):
Your AIMarketer License Manager exposes these JSON endpoints:

POST /wp-json/aim/v1/validate
POST /wp-json/aim/v1/activate
POST /wp-json/aim/v1/deactivate

Requests include the key (and optionally product and instance/domain). AI Pro SSL calls these for you from the License panel.

Dashboard Tour

Progress

  • A score with a list of tasks (e.g., “Enable HTTPS redirect”, “Enable HSTS”) and quick links to settings.

Quick Toggles

  • Force HTTPS – adds a safe, loop-aware redirect to HTTPS.
  • Fix mixed content – rewrites http:// asset URLs to https:// on the fly.
  • Send HSTS headerStrict-Transport-Security (with preload guidance).
  • Disable XML-RPC – closes an attack surface unless you need it.
  • Hide WP version – removes the generator meta.
  • Secure auth cookies – sets secure cookie flags where supported.

License

  • Enter and manage your license. Trial days are shown in the header.

Status

  • Domain, protocol, redirect, HSTS, and XML-RPC state at a glance.

Recommended Setup (2 minutes)

  1. Force HTTPS – Toggle ON.
  2. Fix mixed content – Toggle ON.
  3. Security headers – Toggle HSTS and other headers (see below).
  4. Run Scan – Follow any remaining tasks until you reach 100%.

Security Headers (what each does)

HeaderPurposeTypical value
Strict-Transport-Security (HSTS)Forces browsers to use HTTPS on future visitsmax-age=31536000; includeSubDomains; preload (enable only when you’re confident HTTPS works everywhere)
X-Content-Type-OptionsPrevents MIME sniffingnosniff
X-Frame-OptionsClickjacking mitigationSAMEORIGIN (or DENY if you never embed)
Referrer-PolicyControls referrer leaksstrict-origin-when-cross-origin (balanced default)

HSTS Preload: Only enable preload after confirming your whole domain (and subdomains) is HTTPS. Preload lists are hard to undo.

Scanner

The scanner checks common HTTPS misconfigurations and security header gaps and outputs actionable tasks.

  • Run Scan anytime after changing settings.
  • Under the hood:
    • REST: GET /wp-json/aiprossl/v1/scan
    • Fallback AJAX: action=aiprossl_scan
    • REST “ping”: GET /wp-json/aiprossl/v1/ping

If a server or plugin emits unexpected output, we capture and show the error text in the Progress card.

CDN / Proxy Notes

If your site is behind a load balancer, proxy, or CDN (e.g., Cloudflare, Nginx proxy, ELB), WordPress may not detect HTTPS correctly.

Add (or ensure) this logic early (e.g., in wp-config.php) before WordPress loads:

// Honor proxy headers for HTTPS detection
if (!empty($_SERVER[‘HTTP_X_FORWARDED_PROTO’]) && $_SERVER[‘HTTP_X_FORWARDED_PROTO’] === ‘https’) {
$_SERVER[‘HTTPS’] = ‘on’;
}

WooCommerce

  • Redirects are designed to avoid loops/conflicts on cart/checkout.
  • Always clear your page cache after enabling HTTPS and headers.
  • If you use a third-party checkout domain or embedded payment widgets, keep Referrer-Policy at a compatible level (e.g., strict-origin-when-cross-origin).

Multisite

  • Network Activate to use across the network, or activate per site.
  • License activation is per domain/instance (follow your license plan).
  • HSTS applies per domain; ensure sub-sites are HTTPS before enabling includeSubDomains.

Troubleshooting

Mixed Content warnings persist

  • Re-run the scanner; enable “Fix mixed content”.
  • Replace hard-coded http:// URLs in theme/page builder options, especially:
    • Site logo, favicon / site icon
    • Custom CSS/HTML blocks
    • Page builder image/JS/CSS URLs

Redirect loop

  • Temporarily turn Force HTTPS OFF.
  • Add the proxy snippet above for HTTPS detection, then enable it again.

Admin bar or images broken only in admin

  • Ensure your Site Icon (Customizer → Site Identity) uses an https:// URL.

REST 404/500 during scan

  • Security plugins or firewalls may block REST. The dashboard will automatically fall back to AJAX.
  • If you still see an error message, copy it here and check your PHP error log.

Locked features after trial

  • Enter a valid license key and click Activate.
  • Activations are tied to your domain; if you move the site, press Deactivate first to free a slot.

Conflicts with other SSL plugins

  • Deactivate other SSL/redirect/mixed-content plugins to prevent duplicate logic.

Uninstall

  • Deactivate AI Pro SSL.
  • Click Delete in the Plugins screen to remove plugin files and stored options.
  • (Optional) Remove any custom code you added to wp-config.php or your server config.

Privacy

AI Pro SSL does not collect personal data. When you activate a license, the plugin sends the license key, product ID (if set), and your site domain to the configured license server to validate/activate/deactivate.

Developer Notes

  • Capabilities: Settings pages and actions require manage_options.
  • REST:
    • GET /wp-json/aiprossl/v1/ping{ ok: true }
    • GET /wp-json/aiprossl/v1/scan{ progress, tasks[], status[] }
  • AJAX fallback: action=aiprossl_scan (admin only).
  • Hooks/Filters:
    • The plugin honors xmlrpc_enabled for XML-RPC checks.
    • Standard WordPress send_headers is used to set headers.

FAQ

Does AI Pro SSL issue certificates?
No. Install a certificate via your host or CDN; AI Pro SSL handles redirects, mixed content, and headers.

Can I break my site with HSTS?
If you enable preload prematurely, browsers will hard-force HTTPS. Verify all subdomains are HTTPS first.

Will this slow my site?
No front-end assets; minimal PHP logic. Works fine with caching/CDNs.

How do I move the license to a new domain?
Deactivate on the old domain (License → Deactivate), then activate on the new domain.

Support & Resources

Changelog (highlights)

  • 1.3.6 – Hardened scanner, REST ping, safer output buffering, AJAX fallback, improved error display.
  • 1.3.x – New UI, license panel, 30-day full-access trial, quick toggles, progress tasks.


Deprecated: File Theme without comments.php is deprecated since version 3.0.0 with no alternative available. Please include a comments.php template in your theme. in /home/sctjx2dgn1zj/public_html/wp-includes/functions.php on line 6121

Leave a Reply

Your email address will not be published. Required fields are marked *