How to Enable HTTPS on Your Domain Hosted on a Linux VPS

Securing your website with HTTPS is crucial for protecting user data and improving SEO. This guide will walk you through the process of obtaining and installing a free SSL certificate using Let's Encrypt and Certbot.

1. Connect to Your Remote Server via SSH


ssh -p PORT USERNAME@HOSTIP
# Example:
ssh -p 22 root@216.32.44.12

2. Install Certbot and the Apache Plugin

sudo apt update && sudo apt install certbot python3-certbot-apache

Certbot is an open-source tool designed to automate the installation and renewal of SSL certificates, while the python3-certbot-apache plugin enables integration with the Apache web server.

3. Verify Open Ports on Your Firewall

sudo ufw status verbose

Ensure that HTTP (port 80) and HTTPS (port 443) are allowed through your firewall to facilitate web traffic.

4. Obtain Your SSL Certificate

sudo certbot --apache

This command will initiate the process to obtain an SSL certificate. Follow the prompts to configure your certificate settings.

5. Check Certbot's Status

systemctl status certbot.timer

This command shows whether certbot.timer, the systemd timer that triggers Certbot's automatic renewal runs, is loaded and active.

6. Test Automatic Renewal

sudo certbot renew --dry-run

Running a dry run simulates the renewal process to ensure everything is set up correctly.

7. Additional Best Practices

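  • Keep Your System Updated: Regularly update your packages to enhance security:
    sudo apt update && sudo apt upgrade
  • Set Up a Cron Job for Automatic Renewal: If certbot.timer from step 5 is active, it already handles renewal and this entry is not needed. Otherwise, keep your SSL certificate up to date by scheduling automatic renewals:
    echo "0 0 * * * root certbot renew --quiet" | sudo tee -a /etc/crontab
  • Enhance Security with HTTP Strict Transport Security (HSTS): After ensuring your site is functioning correctly over HTTPS, consider enabling HSTS for additional protection. The header requires Apache's mod_headers module to be enabled and takes effect once Apache is reloaded. Because includeSubDomains and preload commit every subdomain to HTTPS for the full max-age, confirm that all of them serve HTTPS before adding it:
    echo "Header always set Strict-Transport-Security \"max-age=31536000; includeSubDomains; preload\"" | sudo tee -a /etc/apache2/apache2.conf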
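
To confirm the HSTS header is actually being served, the following added example (not part of the original guide) classifies the Strict-Transport-Security header in response headers read from stdin, such as the output of curl -sI against your site. The function name, the verdict labels and the one-year threshold are choices made for this example, and the sample response is constructed.

```shell
#!/bin/sh
# Added example: classify the Strict-Transport-Security header found in HTTP
# response headers on stdin, e.g.  curl -sI https://example.com | hsts_verdict
# Prints one of: missing | weak | ok | preload-ready

MIN_AGE=31536000   # one year, the max-age value used in the guide

hsts_verdict() {
    # Header names are case-insensitive and lines end in CRLF. Browsers honour
    # only the first HSTS header (RFC 6797, section 8.1), so do the same.
    value=$(tr -d '\r' | awk '
        !seen && tolower($0) ~ /^strict-transport-security:/ {
            sub(/^[^:]*:/, ""); v = tolower($0); seen = 1
        }
        END { print v }' | tr -d ' \t"')
    [ -n "$value" ] || { echo missing; return 0; }

    age=""; subs=no; preload=no
    while IFS= read -r directive; do
        case $directive in
            max-age=*)         age=${directive#max-age=} ;;
            includesubdomains) subs=yes ;;
            preload)           preload=yes ;;
        esac
    done <<EOF
$(printf '%s\n' "$value" | tr ';' '\n')
EOF

    # A missing, non-numeric or short max-age (including max-age=0, which
    # tells browsers to forget the policy) gives little or no protection.
    case $age in ''|*[!0-9]*) echo weak; return 0 ;; esac
    [ "$age" -ge "$MIN_AGE" ] || { echo weak; return 0; }

    if [ "$subs" = yes ] && [ "$preload" = yes ]; then
        echo preload-ready
    else
        echo ok
    fi
}

# Constructed sample response (not captured from a real server).
sample_response() {
    printf 'HTTP/1.1 200 OK\r\nServer: Apache\r\n'
    printf 'strict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n'
}

sample_response | hsts_verdict   # preload-ready
```

A verdict of missing after the configuration change usually means mod_headers is not enabled or Apache has not been reloaded.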

8. Troubleshooting Tips

If you encounter issues, check the logs for detailed error messages:

sudo journalctl -u certbot

Additionally, ensure that your DNS records are correctly pointing to your server.