How to configure SSL and HTTPS for WordPress

Once set up SSL certificates on several WordPress sites.

The sites were hosted on a dedicated server under the control of Ubuntu, on this first thing I created a directory for certificates and switched to it:

sudo mkdir /etc/apache2/ssl
cd /etc/apache2/ssl

Enable the SSL module for Apache2 if it is not enabled:

sudo a2enmod ssl

Then I generated the certificate:

sudo openssl req -nodes -newkey rsa:2048 -keyout /etc/apache2/ssl/example.com.key -out /etc/apache2/ssl/example.com.csr

In the process of generation, several questions had to be answered:
Country Name (2 letter code) [AU]: UA (code of the country)
State or Province Name (full name) [Some-State]: Sumy
Locality Name (eg, city) []: Romny
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Private person
Organizational Unit Name (eg, section) []: (empty or the name of the department)
Common Name (e.g. server FQDN or YOUR name) []: ixnfo.com (domain name, without http and https)
Email Address []: test@ixnfo.com

You can also sign the generated certificate (this is the contents of example.com.csr) from some kind of domain registrar.
The procedure is cheap and after it is connected will not display a message that the certificate is not signed.
Or install the signed free from Let’s Encrypt as I described in the article:
Installing Certbot in Ubuntu

Since there are several sites, the configuration files for each of them are located in the directory /etc/apache2/sites-enabled/.
I’ll choose one of them and at the very end after the standard directive:

<VirtualHost *:80> ...</VirtualHost>

we will add one more, but with 443 port and we will specify ways to certificates:

<VirtualHost *:443>
ServerAdmin admin@ixnfo.com
ServerName ixnfo.com
ServerAlias www.ixnfo.com
DocumentRoot /var/www/ixnfo.com/
        <Directory />
                Options -Indexes
                AllowOverride All
        </Directory>
        <Directory /var/www/ixnfo.com/>
                Options -Indexes
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/ixnfo_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/ixnfo_com.key
SSLCertificateChainFile /etc/apache2/ssl/ixnfo_com.ca-bundle
ErrorLog /var/log/apache2/ixnfo_error-ssl.log
LogLevel warn
CustomLog /var/log/apache2/ixnfo_access-ssl.log combined
</VirtualHost>

After the changes, check the configuration and restart apache2:

sudo apachectl configtest
sudo apachectl -t
sudo service apache2 restart

To be able to log in to WordPress and admin on HTTPS only in wp-config.php, uncomment the following parameters:

define('FORCE_SSL_LOGIN', true);
define('FORCE_SSL_ADMIN', true);

You can also change the address of the site from http:// to https:// in the admin panel, in the “Settings” – “General” menu.
In robots.txt we will specify the site address with https, for example:

Host: https://ixnfo.com

Also in sitemap.xml there should be links with https.
In search engines need to apply for re-indexing the site map, in Yandex.Webmaster submit an application to the “Move the site” by ticking the “Add HTTPS”.
In Google Search Console, you need to add the same site with https, it will be indexed separately from http.

Done, now the site can be opened by https.

See also my articles:
Configuring HTTPS in Apache
Configuring SSL in Nginx
Redirecting requests to SSL

Leave a comment

Leave a Reply