{"id":482,"date":"2018-11-19T18:40:16","date_gmt":"2018-11-20T00:40:16","guid":{"rendered":"http:\/\/zewwy.ca\/?p=482"},"modified":"2018-11-19T18:40:56","modified_gmt":"2018-11-20T00:40:56","slug":"secure-a-wordpress-site-with-https","status":"publish","type":"post","link":"https:\/\/zewwy.ca\/index.php\/2018\/11\/19\/secure-a-wordpress-site-with-https\/","title":{"rendered":"Secure a WordPress Site with HTTPS"},"content":{"rendered":"<h1 style=\"text-align: center;\"><span class=\"ez-toc-section\" id=\"Intro\"><\/span><strong>Intro<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>Well it is slowly becoming a requirement, even for a site that simply shares content and has no portal or user information&#8230; such as my site&#8230; but may as well do it now since we can get certified certificates for free!!! Wooohoooo!<\/p>\n<p>So doing a bit of research&#8230;.<\/p>\n<h1 style=\"text-align: center;\"><span class=\"ez-toc-section\" id=\"Research\"><\/span>Research<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><a href=\"https:\/\/www.turnkeylinux.org\/forum\/support\/20150304\/wordpress-ssl\">Securing WordPress<\/a><\/p>\n<p><a href=\"https:\/\/www.turnkeylinux.org\/blog\/ssl-certificates\">TurnKey SSL Certs<\/a><\/p>\n<p><a href=\"https:\/\/letsencrypt.org\/getting-started\/\">Let&#8217;s Encrypt!<\/a><\/p>\n<p><a href=\"https:\/\/certbot.eff.org\/lets-encrypt\/debianjessie-apache\">Cert-Bot<\/a><\/p>\n<p>TurnKey WordPress uses Debian&#8230; <a href=\"https:\/\/linuxconfig.org\/check-what-debian-version-you-are-running-on-your-linux-system\">what version?<\/a><\/p>\n<h1 style=\"text-align: center;\"><span class=\"ez-toc-section\" id=\"The_Tasks\"><\/span>The Tasks<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>Alright so we are running Debian 8, let&#8217;s follow that cert-bot tut&#8230;.<\/p>\n<p>Let&#8217;s start by creating a snapshot, at this point I don&#8217;t exactly have backups running yet&#8230; I know I know&#8230; I was suppose to do Free Hypervisor Backup Part 3 where I redesign ghettoVCB&#8217;s script&#8230;. unfortunately I can only do so much and I have many projects on the run. I will get it to though, I promise!<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/Z0U9yrY.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/i.imgur.com\/Z0U9yrY.png\" alt=\"\" width=\"866\" height=\"755\" \/><\/a><br \/>\nNow with that out of the way, running Cert-Bot&#8230;<br \/>\nThen I ran into some errors&#8230; oopsies&#8230;.<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/NWJfShp.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/i.imgur.com\/NWJfShp.png\" alt=\"\" width=\"862\" height=\"752\" \/><\/a><br \/>\nWhat happened?!?!<br \/>\nWell I was working through a lot of network redesign, and my public website, the very WordPress I was trying to get a certificate for,<br \/>\nhad a NAT rule to get out to the internet, which is why the grabbing and running of the CertBot succeeded up until this point.<br \/>\nI didn&#8217;t create the NAT rule to allow HTTP traffic just yet as I was wanting to create this certificate first. Little did I know it was going to be a prerequisite<br \/>\nAnyway I had to update my Websites DNS record to point to my new public IP,<br \/>\nas well as create a NAT and security rule to allow my website to be accessible from the outside world&#8230;<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/DtQLV32.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/i.imgur.com\/DtQLV32.png\" alt=\"\" width=\"1461\" height=\"60\" \/><\/a><br \/>\nI had to wait a while for DNS to replicate to other servers outside, specifically whichever ones Lets Encrypt servers use to locate and validate my requests from CertBot.<br \/>\nso&#8230;<br \/>\nafter making the changes, and waiting a while I attempted to access my website from the internet again,<br \/>\nit was failing and then I realized my mistake was in the security rule I defined. correcting my security rule, I could access my website.<br \/>\nrunning Certbot again&#8230;<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/iIr3fWx.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/i.imgur.com\/iIr3fWx.png\" alt=\"\" width=\"746\" height=\"523\" \/><\/a><\/p>\n<p>Yay, and it listed all the virtual hosts hosted by my turnkey wordpress..<\/p>\n<p>then created another NAT rule to hanndle https traffic&#8230; and then the security rule&#8230;<\/p>\n<p>That was literally it! CertBot made it so easy! Yay that&#8217;s a first! \ud83d\ude00<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Intro Well it is slowly becoming a requirement, even for a site that simply shares content and has no portal or user information&#8230; such as my site&#8230; but may as well do it now since we can get certified certificates for free!!! Wooohoooo! So doing a bit of research&#8230;. Research Securing WordPress TurnKey SSL Certs &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/zewwy.ca\/index.php\/2018\/11\/19\/secure-a-wordpress-site-with-https\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Secure a WordPress Site with HTTPS&#8221;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[8],"tags":[121,133,56],"class_list":["post-482","post","type-post","status-publish","format-standard","hentry","category-server-administration","tag-https","tag-secure","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/comments?post=482"}],"version-history":[{"count":1,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/482\/revisions"}],"predecessor-version":[{"id":483,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/482\/revisions\/483"}],"wp:attachment":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/media?parent=482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/categories?post=482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/tags?post=482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}