Find and replace all insecure links in a directory with HTTPS

dev-master 2018-10-01 22:05 UTC

This package is auto-updated.

Last update: 2022-09-29 02:00:31 UTC



Latest Version on Packagist Total Downloads Software License Build Status StyleCI

Find all insecure URLs in all files in a directory, and replace them with https:// if supported.




You'll have to follow a simple step to install this package.


Via composer:

$ composer global require sven/tls-checker

You should now be able to run the tls-checker command from anywhere on your system.


Using the package is outlined below.


You can use the search command to search for all insecure URLs in the src/ directory:

$ tls-checker search src/

This will output a table like the one below:

| Domain Name     | Insecure References | Supports TLS |
|      | 17                  | ✔            |
| | 39                  | ✔            |
|       | 4                   | ✘            |

You may optionally specify the --quiet option to easily integrate this tool into some automation. This will make tls-checker exit with exit code 0 if no (fixable) insecure URLs could be found, and exit with code 1 if one or more violations were found.

$ tls-checker search src/ --quiet


You may not just want to search for references, but also fix them immediately. To do so, use the fix command:

$ tls-checker fix src/
    Fixing 56 insecure URLs...
    Successfully fixed 56 insecure URLs


There are several options that work for both the search and the fix commands:


The --exclude option is an array of domains / PCRE patterns that should be ignored when searching or replacing insecure URLs. Default: localhost, (.+)\.test, (.+)\.localhost, (.+)\.invalid, and (.+)\.example (per RFC 2606).

$ tls-checker search src/ --exclude=localhost


This option determines the timeout to use when checking if a domain supports HTTPS in milliseconds. Default: 2000 (2 seconds).

# Wait for a response from HTTPS for 10 seconds before moving on.
$ tls-checker fix src/ --timeout=10000


All contributions (pull requests, issues and feature requests) are welcome. Make sure to read through the first, though. See the contributors page for all contributors.


sven/tls-checker is licensed under the MIT License (MIT). Please see the license file for more information.