Remaining steps

• Make HTTPS the default
• Make sure the error message links to this FAQ: https://matomo.org/faq/how-to/faq-how-to-disable-https-for-matomo-org-and-api-matomo-org-requests/
• Update the FAQ https://matomo.org/faq/how-to/faq-how-to-disable-https-for-matomo-org-and-api-matomo-org-requests/ to mention it was put in 5.0.0 instead of "We will soon switch this connection over to HTTPS"
• Test that an update from 5.0.0-bX to 5.0.0-bY still work when HTTPS doesn't work (ie. people see the message, and after changing the INI config as per the clear FAQ, then it works for people)

Initial issue

This applies to all api.matomo.org and plugins.matomo.org calls.

1. DONE First we add a new required system check showing to users if the connection over HTTPS works or not for these endpoints. If it doesn't work, then there should be an error shown explaining that we will soon switch to HTTPS by default. They should either make HTTPS work or disable HTTPS (see next item). We should mention the consequences of not fixing this issue (eventually won't receive any updates anymore big security issue for sure, and using HTTP is a minor security issue that someone could pretend there is no longer an update available)

2. We introduce a setting to force HTTP instead of HTTPS as some people won't be able to change their PHP either because the hoster doesn't allow it or because they aren't technical enough etc.

3. Create an FAQ about how to make HTTPS work or disable HTTPS and link to it in the system check error message in 1 above.