Here’s how I’m adding SSL to my wordpress sites for free:
https://letsencrypt.org/getting-started/
On Linux hosts, here:
https://certbot.eff.org/#ubuntutrusty-nginx
Specifically:
$ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot And then: certbot certonly --webroot -w /var/www/noelhunter.com -d noelhunter.com -w /var/www/noelhunter.com -d www.noelhunter.com or apache: certbot --apache And to renew:
certbot renew --dry-run For nginx web server, see: https://www.digicert.com/ssl-certificate-installation-nginx.htm listen 443 ssl; ssl on; ssl_certificate /etc/letsencrypt/live/noelhunter.com/mycert.pem; ssl_certificate_key /etc/letsencrypt/live/noelhunter.com/mykey.pem; On apache2, see https://github.com/certbot/certbot/issues/3854 sudo apt-get install python-certbot-apache Then in wordpress, add plugins: https://wordpress.org/plugins/ssl-insecure-content-fixer/ https://wordpress.org/plugins/two-factor-authentication/ https://wordpress.org/plugins/wp-force-ssl/ To test two-factor for users: https://wordpress.org/plugins/user-switching/