Notes on SSL Everywhere

Here’s how I’m adding SSL to my wordpress sites for free:

https://letsencrypt.org/getting-started/

On Linux hosts, here:

https://certbot.eff.org/#ubuntutrusty-nginx

Specifically:

$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install certbot 

And then:

certbot certonly --webroot -w /var/www/noelhunter.com -d noelhunter.com -w /var/www/noelhunter.com -d www.noelhunter.com 

or apache:
certbot --apache
And to renew:
certbot renew --dry-run

For nginx web server, see:

https://www.digicert.com/ssl-certificate-installation-nginx.htm

listen 443 ssl; 
ssl on; 
ssl_certificate /etc/letsencrypt/live/noelhunter.com/mycert.pem; 
ssl_certificate_key /etc/letsencrypt/live/noelhunter.com/mykey.pem;

On apache2, see
https://github.com/certbot/certbot/issues/3854

sudo apt-get install python-certbot-apache

Then in wordpress, add plugins:

https://wordpress.org/plugins/ssl-insecure-content-fixer/
https://wordpress.org/plugins/two-factor-authentication/
https://wordpress.org/plugins/wp-force-ssl/


To test two-factor for users:
https://wordpress.org/plugins/user-switching/

Leave a Reply