We have been through the basic of all the three previous tutorials. We have successfully setup AWS , nginx wordpress and SMTP server. So will move to our next step making our website run over SSL. Note here that till now what we have done everything is free except the AWS which will cost you after a certain time. For now lets proceed.
So let us first know what is SSL and why it is important. SSL is a protocol which provides a secure channel between the two machines and everyone use it because it is now very easy to read content over http using MITM Attack.
What all we use for SSL? We are going to use open certificate authority letsencrypt for our SSL.
Follow these steps :
- SSH to your server.
ssh -i keyfile.pem ubuntu@public_ip
- Now download their certbot which will download the certificates after checking the domain names.
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
- Now you have the bot and you have given it the permission to execute using chmod a+x.
- lets say your have two subdomain right now one is www.abc.com and abc.com
- Run these command for certbot to download the certificate for you.
sudo ./certbot-auto certonly --standalone -d abc.com -d www.abc.com
- You can add other subdomain if you want them here by appending -d and domain name.
- Now you gave the certificate what you need to do is tell the nginx that I want to use SSL on port 443 using this key and certificate.
- Open the server config file in /etc/nginx/sites-available/configfile
- Add these in your server
server { listen 443 ssl; root /var/www/wordpress; index index.php index.html index.htm; ssl_certificate /etc/letsencrypt/live/abc.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/abc.com/privkey.pem; server_name www.abc.com; location / { # try_files $uri $uri/ =404; try_files $uri $uri/ /index.php?q=$uri&$args; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } }
- Now restart the server and open your domain in browser you will now see https://www.abc.com
- Your site is now running on SSL .
So with this we came to the end of this four part tutorials if you have any problem related to any part please do comment. Also if you like the tutorial please do share.If you missed the first three go read them here.
Part 1- Setup aws and nginx
Part 2- WordPress under nginx
Part 3- Setting up SMTP and domain name mapping.