[WP] How to Add SSL and HTTPS in WordPress?

[WP] How to Add SSL and HTTPS in WordPress?

SSL plays an important role in website, because in the last year Google announced that they will be using HTTPS and SSL as a ranking signal in their search results. This means that using HTTPS and SSL will help improve your site’s SEO.

Using an SSL certificate for your WordPress site means that your data, as well as your users’ data, remains safe from prying eyes. Since WordPress is a particularly large target for hackers due to its popularity and transparency, it’s important to take all the appropriate steps toward securing your site.

If you host a wordpress website by yourself, you may need to install SSL certificate on your website. I found a simple way to install SSL certificate through commands and the most important thing is this SSL certificate is free. Oh yes, you need to have the basic knowledge of SSH, Linux and Bash.

Let’s Encrypt is a open source certificate authority that’s backed by top companies, including Facebook, Mozilla, Chrome, Cisco etc. The project aims is to make installing SSL certificates automated and free for all.

Let’s Encrypt has an automated installer called Certbot that can help you add a certificate to your site in a few minutes or less. Installing a certificate through Let’s Encrypt is fast. In fact, it’s a lot quicker than other certificate authorities.

Instead of waiting several hours for your request to be accepted and your certificate is finally issued, you can use SSH and the Certbot installer to issue a certificate for your domain in just a few seconds. The entire process from start to finish typically takes a mere matter of minutes, not hours.

[Note] If your server is hosted in AWS EC2, you have to add 443 port in the security groups.

First of all, you need to install Cerbot on your server. Open Cerbot website, You can find out if you need to install the dependencies and find the specific command you need by going to the Certbot website.

For example, I use Apache webserver and linux ubuntu 14.04 OS, so I choose them in dropdown menus.

Then you can see command instructions below.
Screen Shot 2017-01-15 at 10.27.20

All you need to do is run the below commands on your server via SSH:

$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto
$ ./certbot-auto

That’s it. You’ve almost done everything.

After this, you need to renew your certificates regularly. Certbot can be configured to renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days, it’s highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:

$ ./certbot-auto renew --dry-run

You may see the below output:

Upgrading certbot-auto 0.10.0 to 0.10.1...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Requesting root privileges to run certbot...
  /XXX/letsencrypt renew --dry-run
Saving debug log to /XXX/letsencrypt.log

Processing /etc/XXX
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for XXX
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/XXX.pem
Creating CSR: /etc/XXX.pem
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/XXX.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)

 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/XXX. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

If that appears to be working correctly, you can arrange for automatic renewal by adding a cron or systemd job which runs the following:

$ ./certbot-auto renew --quiet --no-self-upgrade

After installing SSL certificate on server, you can use it in your WP site. Edit wp-config.php file, and add the following line of code:

define('FORCE_SSL_ADMIN', true);

Now set a 301 redirect so that anyone visiting your site will be automatically redirected to your secure site using https.

Edit your .htaccess file, or create a new one if it doesn’t already exist. If you already have one, place the following code above everything that’s already there. Don’t forget to replace “mysite.com” with your domain and make sure that you enter in the correct server port if yours isn’t 80.

<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{SERVER_PORT} 80 
 RewriteRule ^(.*)$ https://www.mysite.com/$1 [R,L]

Finally, go to Settings » General and update your WordPress and site URL address fields.
wp setting

(Visited 32 time, 1 visit today)
Comments are closed.