Securing Your PD Hosting WordPress VPS with Let’s Encrypt SSL: A Comprehensive Guide

Overview

Ensuring the security of your website with an SSL certificate has become increasingly essential. This guide provides a comprehensive walk-through on how to install and integrate a Let’s Encrypt SSL certificate on your WordPress VPS. Catering to instances running both Debian and Ubuntu Linux distributions, this guide provides detailed instructions to secure your website effectively.

However, it’s important to note that this guide is designed for those who prefer to handle the certificate setup manually. If you’re looking for a simpler solution, consider using our WordPress VPS product with built-in SSL functionality. In that case, you might want to refer to our knowledge base article: “Enabling HTTPS on Your WordPress Instance Using PD Hosting’s WordPress VPS”, which outlines a straightforward approach to securing your WordPress site with HTTPS.

Whether you’re a seasoned system administrator or a WordPress enthusiast wanting to secure your site, this guide is crafted to assist you through the process of setting up and managing your SSL certificate.

Step 1: Accessing your WordPress Instance via SSH

The first step involves accessing your WordPress instance through SSH. You’ll need to execute several commands on the server, so make sure you have SSH access ready.

For instances running the Debian Linux distribution, here’s how you gain root access and navigate to your home directory:

sudo su -
cd ~

Step 2: Installing Certbot

Next, you need to install Certbot, the Let’s Encrypt client software. This can be achieved using the following command:

sudo apt-get update
sudo apt-get install certbot

Step 3: Requesting a Let’s Encrypt SSL Wildcard Certificate

With Certbot installed, you can now request your SSL wildcard certificate. Be sure to replace $DOMAIN and $EMAIL with your domain and email, respectively:

sudo certbot certonly --manual --preferred-challenges=dns --email $EMAIL --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.$DOMAIN -d $DOMAIN

Follow the on-screen instructions for the challenge that involves adding a DNS TXT record to your DNS configuration. Once you’ve added the DNS record, wait for it to propagate before proceeding further.

Step 4: Updating SSL Certificate Files

Once your SSL certificate is issued, you need to link it to your Bitnami configuration. Depending on your Linux distribution and the Bitnami installation type, the command varies:

For Debian Linux distributions, use:

sudo ln -sf /etc/letsencrypt/live/$DOMAIN/privkey.pem /opt/bitnami/apache2/conf/bitnami/certs/server.key
sudo ln -sf /etc/letsencrypt/live/$DOMAIN/fullchain.pem /opt/bitnami/apache2/conf/bitnami/certs/server.crt

Afterward, restart your services:

sudo /opt/bitnami/ctlscript.sh start

Step 5: Employing the Really Simple SSL Plugin for SSL Configuration in WordPress

To simplify the SSL integration process with WordPress, we will use the Really Simple SSL plugin. This plugin will handle most of the SSL settings, including HTTPS redirection.

To install and activate the Really Simple SSL plugin, follow these steps:

1. Make your wp-config.php and htaccess.conf files writable:

   • sudo chmod 666 /opt/bitnami/wordpress/wp-config.php && sudo chmod 666 /opt/bitnami/apache/conf/vhosts/htaccess/wordpress-htaccess.conf

2. Access your WordPress administration dashboard.
3. Go to “Plugins > Add New”, search for “Really Simple SSL”, and install and activate it.

Following these steps, your WordPress site will automatically employ SSL encryption, with HTTP connections seamlessly redirected to HTTPS.

Step 6: Certificate Renewal

Remember, Let’s Encrypt SSL certificates are valid for 90 days and can be renewed up to 30 days before expiration. To renew, you will need to repeat the steps outlined in the ‘Requesting a Let’s Encrypt SSL Wildcard Certificate’ section of this guide.