Internet Security

Install free Let’s Encrypt SSL certificate using cPanel

Install free Let’s Encrypt SSL certificate using cPanel

Let's Encrypt on WordPressHow to install free SSL Certificate on websites?

Following the previous website tutorial (Let’s Encrypt on WordPress websites for free SSL/HTTPS), you will have generated a free SSL certificate using the Let’s Encrypt platform and the WP Encrypt plugin. Having completed that tutorial you will be in the possession of the location details for your free SSL certificate files – Usually something like the below…

/public_html/letsencrypt/live/yourdomain.com

Once generated, the free SSL certificate must be installed on your web server. You do this through your web hosting control panel (cPanel).

  1. After you have logged in, navigate to the SSL/TLS section and select Manage/Install SSL Certificates (or whatever is similar in your web hosting cPanel display).
  2. Scroll down to the section that let’s you enter a new SSL certificate. Select your domain name from the dropdown list and try the Autofill by Domain button (this may or may not work). If the Autofill works then you should see your new SSL certificate populate the fields below, scroll to the bottom and click the Install Certificate button.
  3. If the Autofill doesn’t work you’ll have to copy the SSL certificate content across manually. Navigate to the File Manager section of your web hosting cPanel. This should open in a new tab and show you the root directory of your website.
  4. Navigate your way to the location of your SSL certificate files (example above), this is usually achieved by clicking on the folder icons. When you are in the correct folder you should see the SSL certificate files listed. In particular you are looking for the fullchain.pem and private.pem files. Open/view each of the files and copy the content to a text editor like notepad.exe (do not use word processing software such as MS Word).
  5. Now that you have the content of the fullchain.pem and private.pem files, you can enter them into your cPanel. Once again navigate to the SSL/TLS section of your web hosting cPanel and select Manage/Install SSL Certificates (or whatever is similar in your web hosting cPanel display). Scroll down to the section that let’s you enter a new SSL certificate. Select your domain name from the dropdown list, this time you will paste the content of the SSL certificate files into the fields provided, as follows…

Certificate: (CRT) = The first section from the fullchain.pem file.

Private Key (KEY) = The entire content of the private.pem file.

Certificate Authority Bundle: (CABUNDLE) = The second section of the fullchain.pem file.

NB. In each field you must include —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–.

Check that you have a green tick by the side of each field (signifying that the SSL certificate details are correct), scroll to the bottom and click the Install Certificate button.

Your free SSL certificate from Let’s Encrypt should now be installed on your web server, to check this open a browser window and enter your website address with https:// at the beginning (i.e. https://consultantsussex.com).


Don’t forget you’ll need to make sure that all your content is being served from a secure address and update your Google Analytics tracking. To find out the easiest ways to do this check out the other website tutorials or contact White Rabbit.

Follow the White Rabbit on social media to receive notifications of new White Paper and Tutorial posts – Use the links at the bottom of the page to find us on social media.


 

Posted by wr in Internet Security, Website, 0 comments
Let’s Encrypt on WordPress websites for free SSL/HTTPS

Let’s Encrypt on WordPress websites for free SSL/HTTPS

Why do websites need a Green Padlock?

When browsing the internet you will notice that some, if not the vast majority of websites, show a green padlock in the browser address bar. This means any information the user sends to the website server will be encrypted, thus preventing anyone from eavesdropping on the conversation (and pinching any private data that’s shared). If you wish to sell any products or services through your website (eCommerce) then the green padlock is vital.

Let's Encrypt on WordPressHow to get a Green Padlock for a website?

To show a green padlock and ensure that all the browser traffic to your website is encrypted, you’ll need an SSL certificate installed on your web server. The simplest and cheapest way to achieve this is to use the Let’s Encrypt platform to generate your free SSL certificate.

If you’re running your website on a self-hosted WordPress CMS platform, then you’re half way to getting your free SSL certificate already, if your website isn’t on a WordPress platform please contact White Rabbit today and open your website up to the endless possibilities available.

Follow the instructions below to generate a free SSL certificate to help secure WordPress websites and encrypt website traffic using the Let’s Encrypt platform:

  1. Login to your WordPress dashboard
  2. Select Plugins from the navigation menu
  3. Click the Add New button
  4. Enter WP Encrypt in the search box
  5. Install and Activate the WP Encrypt plugin
  6. Select Settings>WP Encrypt from the navigation menu
  7. Tick the box to auto renew the certificate
  8. Save the settings
  9. Then click the Register Account button
  10. Then click the Generate Certificate button

Once you have completed all the steps above and allowed each page to load, you will see a message confirming the SSL certificate has been generated and showing you the location of the relevant files. You will need this information to install your Let’s Encrypt certificate in your web hosting cPanel.


Now that you have generated the SSL certificate it will need to be installed on your web server. The procedure for this will differ depending on your web host. Check out the other White Rabbit Website Tutorials to find out how to install your free SSL certificate.

Follow the White Rabbit on social media to receive notifications of new White Paper and Tutorial posts – Use the links at the bottom of the page to find us on social media.


 

Posted by wr in Internet Security, Website, 0 comments
Easily make your WordPress website more secure

Easily make your WordPress website more secure

Let's Encrypt on WordPressWhy is WordPress security important?

Because of the fact that more than 25% of all websites now being created are built on the WordPress CMS platform, it is fast becoming a target for hackers, DDOS and other malicious attacks.

As a WordPress website owner, it is your responsibility to ensure that your website does not have any security flaws which could be exploited by the hackers, to use your website for their unauthorised purposes.

With a fresh install, WordPress has some limited security features built-in which should indeed be enabled and made use of. In addition to these you can use several other security plugins and methods to further protect your WordPress website from unethical attacker.

How to make WordPress websites more secure?

See below a few pointers and ideas from White Rabbit to help you make sure your WordPress website is more secure for free. Closed off to the loopholes and back-doors that hackers use to gain access to your website or even take it down!

  1. Use strong passwords – At least 8 characters, a mix of numbers and letters, at least 1 capital letter and a special character for good measure. If you have to created multiple passwords, try and find a formula that works with just a minor adjustment for each variation.
  2. Keep passwords secret – It may sound obvious but many people fail at this basic step. If you need to give others access to your WordPress dashboard… create a new user for them, this way you can also track changes if you want.
  3. Limit Login Attempts – This can help prevent snoopers from attempting to guess your passwords. You can use a default plugin when you install WordPress or a 3rd party security plugin like the one mentioned below.
  4. Further WordPress security – As touched on above, within the configuration of your WordPress CMS there are a few settings that can be tweaked to improve the general security of your website. Go through the general settings pages and make sure you’ve covered everything you can find that’s relevant.
  5. Additional plugins – Other free security plugins are available for WordPress. A particularly good one is iThemes Security this holds a wealth of security features and tweaks. Another useful free security plugin is WordFence for its Firewall capabilities.
  6. HTTPS & SSL certificates – This will ensure that traffic to and from your website is encrypted. Google also sees the SSL certificate as a ranking factor as well. Follow this link to read a blog post and find out how to get a free green padlock for your WordPress website.
  7. Keep backups – Not so much a security measure, more of a disaster recovery technique, be sure to have a good backup of the files and databases from your website. Keep the backup in a location separate to your web hosting, just in case that goes down.
  8. Tidy Up! – An often overlooked and simple method to help keep your WordPress website secure is to keep the back-end tidy, uninstall unused plugins and removed expired users.

These are just a few WordPress security tips and techniques to help you on your way to securing your WordPress website for free. The main thing to focus on is staying ahead of the hackers. Keep your WordPress installation and plugins up to date, to ensure you have all the latest security features and fixes available and above all be vigilant – if you think something suspicious is going on… check it out!


Let White Rabbit take away the hassle of securing your WordPress website, we’ll make sure all of the above is done and more, to give your website and customer’s data the protection and safety it deserves. Contact White Rabbit today to get your website secured.

Follow the White Rabbit on social media to receive notifications of new White Paper and Tutorial posts – Use the links at the bottom of the page to find us on social media.


Posted by wr in Internet Security, Website, 0 comments