NetNaps

Tag: SSL

  • Getting an A+ SSL Rating on Nginx Apache Server

    Saturday 8 August 15:18

    Getting A+ SSL Rating on Apache

    Getting an A+ SSL Rating on Lightsail is just a 5-minute task,

    It’s only turning off old versions of SSL from your configuration file.

    Getting a free SSL is well documented by the lightsail team here, in a 9 Step Tutorial, if you have not got an SSL please get one,

    SSL improves your SEO, maintains trust for the visitor and is a must for any website in 2020.

    After reading this post from Qualys, searching some more articles

    I could make out that getting A+ SSL rating and not allowing the previous versions of SSL on a website or a blog is both good for your SEO Strategy and Security part.

    So, here it is Get your site checked here on the Qualys Tool For SSL it’s Free!

    Here is a screenshot of a test when I just started this blog and was continuously improving on its security, SEO, and everything I could do for achieving a simple, secure and a pro website.

    SSL B Grade

    Getting the same as an A+ was just a 5 minutes task, from start to finish on a lightsail hosted website, using apache server, with bitnami image of wordpress.

    Here’s how I got this from B to A+

    Getting A+ Rating on SSL on a lightsail hosted website

    Just head over to your SSH Window and start with :

    sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

    Soon you are into editing the bitnami.conf file, so we have to just turn off the old versions of SSL

    Find this line with “CTRL+W”, or whatever that line reads near SSL Protocol

    SSLProtocol all -SSLv2 -SSLv3

    Change the same to

    SSLProtocol TLSv1.2

    CTRL+O to write out and CTRL+X to Exit

    Restart the Apache

    sudo /opt/bitnami/ctlscript.sh restart

    Getting A+ SSL Rating Nginx Server


    sudo nano /etc/nginx/nginx.conf

    Change the lines that start with #SSL Settings to Exactly the code below this would also add the session timeout and Strict Security Header :

        ##

    ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ##

    Once done just restart your server with :

    sudo service nginx reload && sudo service nginx restart

    This gives A+ SSL Rating.

    SSL is a must if you use AMP on your WordPress Blog. , Also here’s a collection of some website testing tools that I keep on updating.

    HSTS Preload on NGINX Server

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

    This gives you a HSTS Header on your site, if you use Nginx Server, Enrolling to HSTS list is good for your sites security, this enables browsers to understand that your site is only served on a secured connection.

    You can enrol here for HSTS, First, you need to test on the same link then Enroll the domain.

    HSTS Preload on APACHE Server

    Mod Headers Looks Like :

    First, enable mod headers in your httpd.conf file,

    you can find in the /etc/apache2/httpd.conf :

    LoadModule headers_module modules/mod_headers.so

    then simply add the below line in your virtual host’s file.

    <VirtualHost *:443>
...
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
...
</VirtualHost>

  • WordPress SSL on MacOs Step By Step

    WordPress SSL on MacOS: Step-by-Step Guide to Secure Your Localhost

    Securing your WordPress site with SSL on MacOS is essential, even when working on a localhost. SSL (Secure Sockets Layer) encrypts data between your browser and server, ensuring a secure connection. In this guide, we’ll walk you through the steps to install WordPress SSL on MacOS for your localhost environment. By the end, you’ll have a fully secure WordPress setup ready for development or testing.

    Why Install SSL on WordPress Localhost?

    Even though your localhost isn’t publicly accessible, adding SSL on MacOS offers several benefits:

    • Secure Testing: Simulate a live environment with HTTPS for testing plugins, themes, and features.
    • Avoid Mixed Content Warnings: Prevent issues when migrating your site to a live server.
    • Prepare for Production: Ensure your site is production-ready with SSL configured from the start.

    Step 1: Set Up Localhost on MacOS

    Before installing SSL, ensure your localhost environment is set up. If you haven’t done this yet, follow our detailed guide on setting up localhost on MacOS Catalina. This guide covers installing tools like MAMP or Local by Flywheel, which are essential for running WordPress locally.

    Step 2: Generate SSL Certificates

    To enable SSL on MacOS, you’ll need SSL certificates. Here’s how to generate them:

    Using MAMP Pro

    1. Open MAMP Pro and select your WordPress site.
    2. Go to the Hosts tab and click SSL.
    3. Check the box for Enable SSL and generate a self-signed certificate.

    Using Local by Flywheel

    1. Open Local by Flywheel and select your WordPress site.
    2. Click on SSL in the left-hand menu.
    3. Toggle the switch to enable SSL. Local will automatically generate and install the certificates.

    Step 3: Configure WordPress to Use SSL

    Once SSL certificates are generated, configure WordPress to use HTTPS:

    1. Open your WordPress site in a browser.
    2. Log in to the WordPress admin dashboard.
    3. Go to Settings > General.
    4. Update the WordPress Address (URL) and Site Address (URL) to use https:// instead of http://.
    5. Save the changes.

    Step 4: Fix Mixed Content Issues

    After enabling SSL, you may encounter mixed content warnings (HTTP resources on an HTTPS page). Here’s how to fix them:

    1. Install the Really Simple SSL plugin.
    2. Activate the plugin, and it will automatically detect your SSL certificate and fix mixed content issues.
    3. Verify your site by visiting it in a browser. The padlock icon should appear in the address bar.

    Step 5: Test Your SSL Configuration

    To ensure your WordPress SSL on MacOS is working correctly:

    1. Visit your site using https://.
    2. Check for the padlock icon in the browser’s address bar.
    3. Use tools like SSL Labs’ SSL Test (opens in new tab) to validate your SSL configuration.

    Best Practices for SSL on Localhost

    • Use Trusted Tools: Tools like MAMP Pro and Local by Flywheel simplify SSL setup.
    • Regularly Update Certificates: Self-signed certificates may expire. Regenerate them periodically.
    • Test Thoroughly: Ensure all plugins and themes work correctly with HTTPS.

    Final Thoughts

    Installing WordPress SSL on MacOS for your localhost environment is a straightforward process that enhances security and prepares your site for production. By following the steps above, you can ensure a seamless transition to HTTPS and avoid common pitfalls.

    For more detailed instructions on setting up localhost, check out our guide on localhost setup for MacOS Catalina.

    Key Takeaways

    • SSL is essential for secure testing and preparing your WordPress site for production.
    • Tools like MAMP Pro and Local by Flywheel simplify SSL setup on MacOS.
    • Use plugins like Really Simple SSL to fix mixed content issues.
    • Regularly test and update your SSL configuration to ensure security.

    Have you set up WordPress SSL on MacOS? Share your experience or ask questions in the comments below! For more WordPress tips and tutorials, visit Netnaps.

    For more details on setting up localhost, check out our guide on localhost