If you’re a regular visitor to my website, have you noticed what’s changed?
I’ll forgive you if you don’t see it right away. You need to take a look in the URL bar, usually found at the top of your browser. You’ll see a green lock and, if you’re using the Google Chrome browser, a ‘Secure’ indicator.
Yup. I did it. I migrated the website from http to https.
Making this switch sounds simple enough, but it can get a bit complicated. I self-host my own WordPress website on an Amazon EC2 instance. I also use the Cloudflare CDN service to front my traffic to make the website a touch faster and to provide a thin layer of security.
While I am aware of straight forward methods to secure a website using Cloudflare, I wanted to use the Let’s Encrypt certificate service. I’ve heard a lot about it and figured what better way to learn how it works than to use it for my own website. For those not familiar with Let’s Encrypt, according to their words it’s a ” free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).”
I took on the challenge for the following reasons:
- I wanted to do my part to be a good citizen of the internet. Everyone who has a website should be using HTTPS/SSL to encrypt their traffic and protect the privacy of their users. I wanted to stop being one of “them.”
- I wanted to establish a more secure connection between my website and the Cloudflare CDN. Using their Full SSL implementation would have worked and been good enough. However, I wanted to go all in and use the most secure option available – Full (strict).
- While I could have used one of the Cloudflare SSL services and certificates, I wanted to learn about and support the Let’s Encrypt service. Plus, it gives me the option to move away from CloudFlare in the future without losing SSL.
- And last, but certainly not least, one of the reasons for self-hosting my website was to learn about running a server. What better project than upgrading a website from HTTP to HTTPS, especially a WordPress instance. It’s a perfect project to use as a learning vehicle.
Enough blabbering, let’s get started.
Continue reading →