Let’s Encrypt: My Blog is Secured Now

Transport security is a major concern among many webmasters and it was for me too. Imposing a SSL transport layer means a lot for many of us. But, this comes with a cost. On top of that the management of SSL certificates is a tedious job especially for them who are novice in maintaining the servers and infrastructures. Such people go out seeking the professional services, many time for smallest job in the world. I have helped many of my friends and colleagues setting up SSL and believe me it is not easy.

Do I need to secure the blog over SSL?

YES, of course, why not? If you are a serious blogger (which I am pretending to be, at least from a few days), you should protect your work, your property (blog and posts) from them who wish to misuse another opportunity to destroy it. Mind it, as soon as your blog becomes popular and start gaining visitors, hackers and pirates will try to gain access to that, for whatever reason they have to sabotage your beautiful work.

These are some of the main reasons I think you should consider for this.

  • Your blog becomes very difficult to be hacked or hijacked.
  • The visitors / readers are more secure, when they are on your blog. They might feel free to enter their email for the subscription or while entering the comments are it is securely transferred to back end.
  • Search Engines will start respecting your site and it may get a little push in the ranking.

Let’s Encrypt

I have a few self hosted WordPress blogs, which I have started as a hobby and have not maintained them all quite well for quite a long time. But, recently I started giving serious thought to my writing and maintaining my blogs. In a couple of days, after a few blog posts, I started thinking, what if my blog is also secured over an SSL.

SSL! it’s going to be a challenge. I used to think like that and struggle lot until, Let’s Encrypt came as a savior for me and all who were struggling.

A Ubuntu VM on AWS hosts my blogs, where I use Apache2 as web server. Let’s Encrypt makes our life so easy that it just takes a few minutes to enable SSL on your blog. I guess you are having the similar setup. So, let’s start. All you need is a shell access to the server.

Steps

  1. Open your terminal and login to your server console. Once you are in there, you have to download a small shell executable name certbot-auto. Remember that you may require a sudo access to do so.
    • navigate to your home directory and create a new folder named “le” (you can name it whatever you wish to but I like it that short)
      mkdir le; cd le
    • now you have to download the required program, so, enter the below command in the shell
      sudo wget https://dl.eff.org/certbot-auto
      (if you don’t have wget on your server, you can install it using sudo apt-get install wget)
  2. The required program is there, but now you to grant it permissions, so that it can be executed in your server.
    sudo chmod a+x certbot-auto
  3. Now this application is ready to help you setup your Apache2 instance and serve your blog domain over SSL. Go ahead and enter the below command.
    certbot-auto --apache -d myblog.com -d www.myblog.com
    (myblog.com should be replaced by your domain. Also in case you are not serving your domain over www sub domain then you can omit that part)
  4. If you are executing this command for the first time, which seems to be true here as of now, the above command will go and install the required dependencies.
  5. After installing the dependencies, it will start asking you a few questions, like your email address for it to keep you updated about the expiry of the certificates. It will also prompt you if you wish to keep http along with https.
  6. Once you have answered all the questions, it will obtain the required certificates and configure them as required.

Your site is now ready and should be accessible over https now.

You Should Feel Secured Now!

I am feeling the worlds most secured person as of now, after installing SSL here and you should too. It is quite straightforward and simple. Feel free to reach me  by leaving your comments below and I will try to answer your questions. Let me and everyone know, what’s your thoughts are on the transport security of blogs. Are you opting in or already serving your visitors a secured content?

P.S.: Your feedback is important for me and will improve the upcoming contents.

Leave a Reply