I was working on a client’s site last week and ran into a problem with the way Woocommerce handles SSL.  Granted, this is only a problem in certain use cases. Here is where the settings can be found in your WordPress Dashboard: Woocommerce > Settings > Checkout.

It looks like it makes sense on the surface, but the issue that makes it problematic is hidden here. Along with making checkout secure, by checking the “Force Secure Checkout” box, you are also forcing SSL on the My Account page. That would be fine, if not for the fact that Woocommerce forces users logging into the backend to the My Account page. So if users login through the backend on your website, they will be on SSL pages, whether  you want it or not. In those cases the “Force HTTP” checkbox seems absurd.