1.2 Secure Your WordPress Site With SSL
In this lesson, I’ll show you how to set up the Certbot package in an Ubuntu/Apache environment. Then we’ll go on to download and install SSL certificates and make the necessary modifications to our WordPress site.
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo apt-add-repository ppa:certbot/certbot
$ sudo apt-get install python-certbot-apache
$ sudo certbot --apache
1.2 Secure Your WordPress Site With SSL
[SOUND] Hello and welcome back. So let's get started with securing our WordPress website using SSL. As you can see, I have a WordPress website at blog.mysecuredwebsite.tk. That is currently not configured for using SSL. The first step towards enabling SSL on a website is to install the Certbot package, which is a utility tool from EFF or Electronic Frontier Foundation Certbot deploys SSL certificates from Let's Encrypt, which is a free and open certificate authority. You can find more about Let's Encrypt at its official website, which is letsencrypt.org This is the official website of Certbot at certbot.eff.org. And we can find the installation instruction for our system using these two dropdowns at the homepage. Since I'm using Ubuntu with Apache, I'll select Apache and Ubuntu 17. But if you're using a different environment, it's like your own configurations. Selecting these two options would take us to the installation instructions at the bottom of the page. So there are a few commands that are required for Ubuntu in order to add the certbot repository. The first one is to update the local packages list. The second one downloads and installs the package named software-properties-common, which is a dependency for the Certbot package. The third one actually adds this Certbot package into the list of our local repository using or personal package archive method. And this is because the Certbot package is not available on this standard Ubuntu repository. And finally, this last command is for downloading and installing the actual Certbot package. Let's execute these commands in the Ubuntu to command line. Let me first update the list of our packages. Let's now install the software properties common package And let's now add the Certbot repository using the apt add repository command. And finally, we can download and install the actual Certbot package. All right, so with the Certbot package finally downloaded and installed on a server, we can now run the command to add SSL certificates for our website. And if we refer to the official docs, there are actually two commands depending on your preferences. The first approach obtains the certificate, as well as produces necessary Apache configuration files. The second approach uses cert only option. That just obtains the certificate and leaves modifying the Apache configuration files up to you. We will be using the first approach since it is the easier one. So let's switch back to the SSH terminal and execute the Certbot command. So this starts an interactive wizard, which is asking us to enter an email address. And Certbot will use this email address to notify us and gives us certificate expiration or renewal. So I'll enter my personal email, which is email@example.com. And yes, I agree to the terms and conditions. And no, I would like to keep my email private, and I don't want to share it with anyone. So I'll enter No as the answer here. Now the wizard will list all the domains that are currently configured in my Apache configurations. Since I am running my website on default domain which is blog.mysecuredwebsite.tk, I'll press 1 and then enter. The wizard would then ask if you want to redirect HTTP traffic to HTTPS. I'll enter 2 which is to enable the redirection and then press enter. All right, so the certificate has been obtained and installed. This certificate is valid for 90 days and when the certificate is about to expire, you can renew it using the Certbot renew command. So the only thing left for us now is to go to our WordPress admin and change the website url to https. And we can do that by going to the WordPress admin Settings > General. And then change these URLs to HTTPS. And we are all done. HTTPS is finally enabled on our WordPress website as you can see in the address bar. So that was about it for enabling SSL certificates on both those websites. I hope you find this course useful. I'm and I'll see you next time. See ya.