This is how to update an existing WordPress website to SSL. At a high-level, an SSL website shows the little lock icon beside beside the website’s address within the web browser. Most any web hosting company sells SSL certificates but if you’re looking to update to SSL without the cost, this is how I accomplished it. I use Amazon Web Services to host my virtual server that is powered by Ubuntu Linux. Before I initiated the process of updating my website to SSL, I performed a complete server backup. That way I could effortless roll-back, should the SSL update process not complete successfully as expected. These are the steps that I performed to update my WordPress website to SSL:
1. Performed a COMPLETE backup of my webserver and understood the steps required to roll-back, should rolling back be necessary. A website’s backup procedure likely varies among web hosts, so talk to your hosting provider to obtain clarity if necessary.
2. Browsed to Certbot and selected the software and operating system that I’m running on my WordPress webserver. As previously mentioned, I’m running Ubuntu Linux and the Apache webserver.
3. Remoted into my WordPress server’s command-line as root and ran the commands referenced within Certbot’s documentation. It’s important to mention that I opted to perform the “sudo certbot –apache certonly” command because I felt more comfortable modifying my Apache’s configuration file manually. This is a matter of personal preference. If you opt to manually modify, it’s likely best practice to create a backup copy of the Apache configuration file, prior to modifying it.
4. I opted to perform the steps referenced for automating certificate renewal. Since Let’s Encrypt SSL certificates currently last 90 days, it’s likely best practice to set a reminder to check after 90 days to confirm that the SSL certificate did indeed renew automatically as expected.
5. Download and install the Really Simple SSL plug-in for WordPress.
6. Run the Really Simple SSL plug-in. This is a convenient way to ensure that existing non-SSL content becomes accessible via SSL.
7. Browse to your website using https://YOURWEBSITENAMEGOESHERE and confirm that the lock appears. As a secondary test, https://www.ssllabs.com is a great tool for testing the SSL performance of your website.
I tried to simplify this procedure as much as possible but common problems often arise from people failing to restart Apache, after applying Apache configuration changes. On Ubuntu, the “service apache2 restart” command restarts the Apache webserver but this may vary among operating systems.