We will secure the WordPress site with the free SSL – Letsencrpyt.
Note : Applicable only for domains having Apache as Web-server
Make sure you have git installed # sudo apt-get install git
# cd /tmp # git clone https://github.com/certbot/certbot # cd certbot
Now request the cert for your domain example.com
./certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d example.com
Enter the requested info from certbot.
The requested certs would be generted in the /etc/letsencrypt/live/domain.com directory.
Link the certs for the correct rendering by Apache.
# sudo ln -s /etc/letsencrypt/live/domain.com/fullchain.pem /opt/bitnami/apache2/conf/server.crt
# sudo ln -s /etc/letsencrypt/live/domain.com/privkey.pem /opt/bitnami/apache2/conf/server.key
# sudo chown root:root /opt/bitnami/apache2/conf/server* # sudo chmod 600 /opt/bitnami/apache2/conf/server*
# sudo /opt/bitnami/ctlscript.sh restart apache
To force users on https :
Open /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf and add this on top :
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# sudo /opt/bitnami/ctlscript.sh restart apache