Install load balancer with nginx on ubuntu 14
Install load balancer with nginx on ubuntu 14
16/12/2016
MYSQL Queries
MYSQL Queries
12/03/2017
Show all

Install free HTTPS SSL on wordpress with ubuntu

Install free HTTPS SSL on wordpress with ubuntu

Install free SSL

Download and Install and Active WP Encrypt plugin : https://www.yanivp.net//wordpress.org/plugins/wp-encrypt/

Go to WordPress Settings > WP Encrypt and fill in the details
Go to Register Account

FIX The directories /var/www/letsencrypt/live and /var/www/html/.well-known/acme-challenge that WP Encrypt needs access to are not automatically writable by the site. Unless you change this, it is not possible to auto-renew certificates.

sudo mkdir /var/www/letsencrypt/
sudo mkdir /var/www/letsencrypt/live
sudo chown -R www-data /var/www/letsencrypt

Go to Generate Certificate

Click help tabs at the top of this page to set up the ssl

sudo nano /etc/apache2/sites-available/000-default.conf
 and paste VirtualHost code from Help info

see example with test.com domain …

<VirtualHost *:80>
 ServerName www.test.com/
 Redirect / https://www.yanivp.net//www.test.com/
</VirtualHost>

<VirtualHost *:443>
DocumentRoot /var/www/html
ServerName www.test.com
ServerAlias www.test.com
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3 -TLSV1

#RewriteCond %{HTTP_HOST} !^www\. [NC]
#RewriteRule ^(.*)$ https://www.yanivp.net//www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


SSLCertificateFile /var/www/letsencrypt/live/www.test.com/cert.pem
SSLCertificateKeyFile /var/www/letsencrypt/live/www.test.com/private.pem
SSLCertificateChainFile /var/www/letsencrypt/live/www.test.com/chain.pem

</VirtualHost>

Open mod SSL : sudo a2enmod ssl

Restarting Apache: sudo service apache2 restart

Check ssl port 443 open:
http://www.yougetsignal.com/tools/open-ports/

change to https in wp-config.php

sudo nano /var/www/html/wp-config.php

define('WP_SITEURL', 'https://www.yanivp.net//' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'https://www.yanivp.net//' . $_SERVER['HTTP_HOST'] . '/');

Restarting Apache: sudo service apache2 restart

Check non https images with this tool:
https://www.yanivp.net//www.whynopadlock.com/

Check SSLv3 Poodle Vulnerabilit:
option1 : https://www.yanivp.net//www.site24x7.com/tools/check-ssl3-vulnerability.html

option 2: sudo apt-get install nmap and run this command:nmap -p 443 --script +ssl-enum-ciphers YOUR.SERVER.ADDRESS.COM

Resources: link

Disable SSLv3
sudo nano /etc/apache2/mods-available/ssl.conf and change this line from SSLProtocol all to SSLProtocol all -SSLv2 -SSLv3
Restarting Apache: sudo service apache2 restart

Leave a Reply

Your email address will not be published. Required fields are marked *