Moving WordPress to https

It’s time to move your sites over to https. Again for this example we will be using a LEMP stack on Ubuntu 16.04.2.

First thing is to open the firewall to allow traffic on port 443. (Here I’m using ufw)

sudo ufw allow https

Then we can check to ensure the port is open with the following.

sudo ufw status

Once we’ve done that we add the following to our config file.

For nginx this is /etc/nginx/sites-available

To open the file

sudo nano yoursite

SSL configuration
server {
access_log off;
log_not_found off;
error_log  logs/yoursite.com-error_log warn;

        listen 443 ssl;
        server_name  yoursite.com; 

 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers On;
 ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:
DH+AES256:
ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:
RSA+AES:
RSA+3DES:!aNULL:!MD5:!DSS;
ssl_certificate /etc/nginx/cert/crt/yoursite.crt;
ssl_certificate_key /etc/nginx/cert/key/yoursite.key;

The “ssl_certificate” and “ssl_certificate_key” entries are the key and certificate that you have generated on the server and had signed by a certificate authority. If you don’t have these then you can check out our guide on how to do this here.

Now you will be able to access the site over both http and https.