Letsencrypt Wordpress

Posted on by admin



Auto-configure a Let's Encrypt certificate The Bitnami HTTPS Configuration Tool is a command line tool for configuring mainly HTTPS certificates on Bitnami stacks, but also common features such as automatic renewals, redirections (e.g. HTTP to HTTPS), etc. This tool is located in the installation directory of the stack at /opt/bitnami.

Hey there fellow bloggers. This is Parvez and in this article I will show you how to configure Let’s Encrypt SSL with WordPress. This will be a small, easy to follow guide. After you complete all steps mentioned, you will have a completely free SSL certificate by Let’s Encrypt and your WordPress site will be migrated from HTTP to HTTPS.

Before beginning, let’s get some idea about SSL, Let’s Encrypt and things required for successful setup. If you already know about them, you can skip to Step 1 right away.

  1. By using Let’s Encrypt and enabling HTTPS you can benefit from HTTP/2 on your site, which means performance improvements. And now you can also benefit from free SSL hosting. How to Setup Let’s Encrypt on Your WordPress Site. Setting up SSL is now as easy as 123.
  2. Specifically, a WordPress plugin. Zack Tollman and John Blackbourn have been working on a Let’s Encrypt plugin for WordPress. The idea is that you would search for the plugin in your WordPress dashboard, one-click install it, and run an ultra simple WP-CLI command: $ wp cert new.
  3. Go to the swag appdata location. Find the nginx folder and then edit the file called “default” in the “site-conf” folder. I recommend using notepad Below is my server block that I use for https://technicalramblings.com.

What is SSL and Why Should You Use It?

SSL stands for Secure Socket Layer which is predecessor to TLS (Transport Layer Security). In short, SSL provides encryption during data transmission on the Internet. Without SSL, any data being transferred between your visitor and your server is unencrypted.

Unencrypted traffic can be snooped-over by users with malicious intentions. It is easy for hackers to eavesdrop on sites without SSL -and are prone to attacks like man-in-the-middle attack. If you have any data that should be confidential –like user details, payment information etc., then you must use SSL on your site.

This is why financial institutions use the strongest security possible and their URLs always begin with HTTPS. A site with HTTPS and the green padlock sign means your connection is encrypted.

SSL certs also increases your visitors’ trust in your site. In fact, your site can also gain a small boost in Google rankings. This is why, even if your site isn’t going to have data that should be kept safe, you should consider using SSL.

What Is Let’s Encrypt?

SSL certificates are issued by CAs (certificate Authorities). A genuinely issued cert makes it sure that you have legitimately obtained it and you are the intended owner. The bad part? These Certificate Authorities charge some hefty piece of money to issue SSL certs for you.

This is when Let’s Encrypt comes in picture. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). The ISRG is a US-based non-profit and consists of members from organizations like Mozilla, Cisco, Akamai, Electronic Frontier Foundation (EFF) and more.

Let’s Encrypt is a CA itself which issues SSL certs for free. That’s right, completely free! Let’s Encrypt is completely automated and easy to use. You can issue a cert on your own within moments –free of charge. Every new cert is issued for three months –after which it is renewed automatically.

All modern web-browsers recognize SSL certs issued by Let’s Encrypt so you don’t have to worry about your visitors not being able to browse your site.

Sounds good? Of course it does. So let us learn how to configure Let’s Encrypt SSL with WordPress.

Requirements

A Let’s Encrypt-friendly host: Your host should support Let’s Encrypt and provide the option in cPanel. If your host provides commercial SSL service, it probably won’t support Let’s Encrypt in favor of their own SSL business. Get in touch with your host if Let’s Encrypt is not natively supported.

Hosts like SiteGround natively support Let’s Encrypt (despite having their own SSL products). Last time I checked, hosts like NameCheap or GoDaddy doesn’t support Let’s Encrypt.

Some knowledge of cPanel: You will be issuing SSL certificate from cPanel.

Patience and ability to keep calm if things don’t go as expected.

Note: If your domain begins with WWW, make sure to add WWW everywhere your domain is entered in this guide.

How to Configure Let’s Encrypt SSL with WordPress?

Step 1: Issuing a New SSL Certificate

Okay, we will be generating a new SSL cert from Let’s Encrypt. For this, log-in to your cPanel and find Let’s Encrypt. Note that you will find Let’s Encrypt option only if your host supports it.

Enter Let’s Encrypt and scroll down to Install new Let’s Encrypt Certificate.

Select your domain from the list (if you have more than one) and enter an email address you’d like to register the SSL certificate with.

Click Install and let Let’s Encrypt finish its process. It should take no more than one minute to generate a new certificate for your domain.

After a new cert has been successfully generated, you will see it under Installed Certificates. Also notice its status and Renewal Date.

Very well, you have just obtained a new Let’s Encrypt certificate for your domain.

You can now browse your domain by adding HTTPS:// and it should open without warning. If your browser shows certificate warning, then clear browser cache and wait for some time before browsing your domain with HTTPS again.

Once you make sure that your site is being browsed with HTTPS, you can proceed to next step.

Step 2: Configuring WordPress to Work with HTTPS

So your domain has just received brand-new SSL certificate from Let’s Encrypt for free. Thanks Let’s Encrypt! Now you’ll need to configure Let’s Encrypt SSL with WordPress.

Bitnami Wordpress Letsencrypt

To do so, log-in to your WordPress dashboard and go to Settings > General.

You will see Site Address (URL) field there. You’ll have to make a small change here. Replace HTTP:// with HTTPS://. So if your URL is http://mycoolblog.com then it becomes https://mycoolblog.com.

Save the change. Easy! now it’s time to redirect all not-HTTP traffic to HTTPS. Keep reading on next page.

WP Professional

WP Professional Plus

Adding Let’s Encrypt to a Domain

Adding Let’s Encrypt to your WordPress site follows the same process as adding Let’s Encrypt to your non-WordPress domains.

  1. Log in to the ACC
  2. In the left sidebar, click Manage SSL
  3. In the drop-down, click Manage Your SSL
  4. Find your domain name in the list of domains and click its Let’s Encrypt button
  5. Click Enable Let’s Encrypt

This will request a Let’s Encrypt certificate for the domain. Once a certificate is requested, the message, “Let's Encrypt: Certificate Requested” will appear over the Let’s Encrypt button.

You may navigate away from this page. The process will proceed whether you are on the page or not.

Letsencrypt wordpress ubuntu

If a certificate has been issued successfully, a green lock will appear next to the domain name.

Once Let's Encrypt certificate has been issued successfully, you can move on to the next steps.

After Adding Let's Encrypt...

After you have added Let’s Encrypt to your WordPress site, there are two more steps you may need to take:

Update Your WordPress Database Links

Letsencrypt wordpress lightsail

We recommend updating all links in your database to https. This can be accomplished by using a plugin, likeVelvet Blues, or via the wp-cli command line tool.

It is important that you do not modify any https links in the guid column. TheVelvet Bluesplugin automatically marks the guid column as unalterable.

Update Your WordPress Address URL

Letsencrypt Wordpress Docker

This step may be unnecessary if you are using a WP Enthusiast or WP Professional hosting account. However, even on these accounts, you may need to complete this step if you have internal links on your site that are using http instead of https. Double check your internal links if you are unsure whether to proceed.

However, this is a required step if you have just added Let’s Encrypt on a WordPress site that is not on a WP Enthusiast or WP Professional hosting account.

WordpressLetsencrypt Wordpress

To update your site address, you need to change the WordPress Address URL and Site Address URL in your WordPress editor. To make the change, follow these steps:

  1. Log into your WordPress account
  2. At the bottom of the left sidebar, click Settings
  3. Click General
  4. In the boxes next to WordPress Address (URL) and Site Address (URL), add a ‘s’ to ‘http’
Letsencrypt Wordpress

Docker Wordpress Letsencrypt

After you have taken these steps, your site will begin to use SSL, thus making the connection between your site and its visitors more secure.

Was this article helpful?

Letsencrypt Wordpress Digitalocean

Related Articles