When Google mentioned that blogs and websites that implement SSL or HTTPS traffic will get a small bump in its search results, I jumped on it.

I have been hit by Google Panda, Penguin and all the other stupid Google algorithms that have been released in the past. This site used to bring in close to 18,000 unique visitors a day.

Now traffic have stalled at about 7,000 per day which is not very nice. I want to grow this blog and support the cost that is required to run it. It has been a crazy roller coaster over these months.

If by implementing HTTPS will get me a small pump in traffic, I am willing to try. It this point, I’ll try anything to recover from these nasties Google algorithms.

So, here my journey to HTTPS. If you look at the browser URL, you’ll notice that it begins with https. That’s cool.

Now, here’s what I did to get HTTPS enable for this site. Remember, I do run Nginx web server here so setting it up on Apache2 might be a bit different.

 

When setting up SSL certificates for your domain, the first thing to do is to create the host certificate key pair. Combining both the host and the registrar keys, allows for secure traffic.

In CentOS, run the commands below to generate a certificate signing request file. (replace yourdomain with the domain you’re securing)

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

 

The commands above create the host private key along with the certificate signing request key. The signing request key is used to sign the registrar’s key.

When you run the above commands, it should prompt you to type some information.

 

  • Common Name: The fully-qualified domain name, or URL, you’re securing.
    If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
  • Organization: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor’s name.
  • Organization Unit: If applicable, enter the DBA (doing business as) name. If you’re securing a single blog, then type the blog owner’s name here.
  • City or Locality: Name of the city where your organization is registered/located.
  • State or Province: Name of the state or province where your organization is located.
  • Country: The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.

 

When you’re done with all of the above steps, save the certification signing (crs) request file for later use. When you go to register for an SSL certificate, they will ask you to provide the crs key content.

In my case, I had to open the text file and copy its content, then pest it into an online form provided by the registrar.

After 12 hours, I received a zipped file with four files content via email.

In the attached file were

 

  • Root CA Certificate – AddTrustExternalCARoot.crt
  • Intermediate CA Certificate – COMODORSAAddTrustCA.crt
  • Intermediate CA Certificate – COMODORSADomainValidationSecureServerCA.crt
  • Your PositiveSSL Certificate – liberiangeek_net.crt

 

I copy these files to my host server to create the certificate bundle.

After extracting the content, I ran the commands below to create a certificate bundle of the keys provided to me.

 
cat yourdomain_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >> ssl-bundle.crt

 
Remember to run the commands in order as shown above beginning with yourdomain.crt.

Finally, I created a folder inside the /etc/nginx called ssl and copy both the bundle.crt file as well as the yourdomain.key file created earlier into that directory.

Then open Nginx site configure file and add these line into the server block to enable SSL on the site.

 

server {
 listen 80;
 server_name _;
 return 301 https://www.yourdomain.net$request_uri;
 }

server {
 listen 443;
 sever_name www.yourdomain.net
 ssl on;
 ssl_certificate /etc/nginx/ssl-bundle.crt;
 ssl_certificate_key /etc/nginx/ssl/yourdomain.key;
 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
 ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
 root /var/www/html;
 index index.php;
 try_files $uri $uri/ /index.php?$args;
}

 

That’s how mine is setup. Yours might be configured differently.

After configuring the above setup, your WordPress site might not work because the permalinks are still pointing to http. You must change the permalinks in the database to correct it.

To do that, logon to the database server

mysql -u root -p

 

Then run the commands below to change your http links to https. This will replace the http links for both the site and home urls.

 

UPDATE wp_options SET option_value = replace(option_value, 'http://www.oldsiteurl.com', 'https://www.newsiteurl.com') WHERE option_name = 'home' OR option_name = 'siteurl';

 

That’s it! You’re done.

 

Enjoy!

Frequently Asked Questions

What are the benefits of implementing SSL or HTTPS on WordPress blogs?

Implementing SSL or HTTPS on WordPress blogs can potentially improve search engine rankings and increase website security, thus building trust with visitors.

How can SSL or HTTPS implementation help recover from Google algorithm penalties?

Implementing SSL or HTTPS may help recover from Google algorithm penalties by signaling to Google that your site is secure and trustworthy, potentially leading to a search ranking boost.

What is the process of setting up SSL certificates for a domain on a web server?

To set up SSL certificates for a domain on a web server, you first need to create a host certificate key pair and generate a certificate signing request file, followed by configuring the server to use the SSL certificates.

Can SSL certificates be generated for different types of web servers?

Yes, SSL certificates can be generated for various types of web servers, though the specific steps may vary depending on the server software used, such as Nginx or Apache2.

What information is required when generating a certificate signing request file?

When generating a certificate signing request file, you need to provide the fully-qualified domain name (URL) you're securing, along with other necessary details requested during the process.

How does implementing HTTPS impact website traffic and user experience?

Implementing HTTPS can potentially lead to a small bump in website traffic, as it may improve search engine visibility. Additionally, HTTPS enhances user trust and security, resulting in a better overall user experience.

Why is it important to secure web traffic with SSL or HTTPS?

Securing web traffic with SSL or HTTPS is vital to protect sensitive information, such as user data and payment details, from potential cyber threats and ensure a safe browsing experience for visitors.

What are some common challenges faced when setting up SSL certificates on WordPress blogs?

Common challenges when setting up SSL certificates on WordPress blogs may include compatibility issues with plugins, mixed content warnings, and potential server configuration errors that can impact the site's functionality.