SSL Certification and HTTPS

I have to sing the praises of digital ocean and certbot. I wanted to serve my wordpress site hosted at digitalocean.com on HTTPS. Because it is WordPress it runs on an Apache server and through Digitalocean’s easy one click app creation the cloud server is running Ubuntu 18.04.

Where it gets really awesome is that when I connected to my server via SSH and then looked at the instructions on the “Certbot” webpage for obtaining an SSL certificate for Apache on Ubuntu 18.04 it was the smoothest process I could have imagined. It was only a few commands on the command line and Certbot had not only installed an SSL cert on my server but it even asked me if I wanted my Apache setting changed so that traffic was automatically served on HTTPS, and it was as easy as answering yes. Wow, that’s a really great system. Oh yeah, did I mention it’s free? Well the certificate part at least, but Digital ocean is very reasonable, only $5 a month for starters.

.htaccess Cheat Sheet

# This is the default WordPress .htaccess file
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /wordpress1/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wordpress1/index.php [L]
</IfModule>

#adding this will prevent caching
<filesMatch "\.(html|htm|js|css)$">
  FileETag None
  <ifModule mod_headers.c>
     Header unset ETag
     Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
     Header set Pragma "no-cache"
     Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
  </ifModule>
</filesMatch>