Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
How to secure your site with HTTPS? — First published in issue #101

How to secure your site with HTTPS?

With HTTP everything is visible when traveling on the Internet. By generating an SSL certificate and configuring your webserver you can force browsers to use HTTPS. Here is how to proceed:

# 1. Install letsencrypt
sudo pip install letsencrypt

# 2. Generate a cerficate for your doman
sudo certbot certonly -d

# 3. Configure your nginx config file 
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# 4. Reload nginx and you're done
service nginx reload

Redirect HTTP to HTTPS:

server {
  listen 80;
  return 301$request_uri;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment