• Sponsored Links

Step by Step Tutorial Webfaction Website http to https

Share this :

Step by Step Tutorial Webfaction Website http to https

Webfaction provides awesome service for Web hosting . I have many Websites hosted via Webfaction  , however until now all my websites were http websites i.e. i was able to access my website using http://www.versionpb.com but not using https i.e. https://www.versionpb.com . To know more on what is http and https please read following links :

  1. http
  2. https

To make your website https supported we need to have SSL certificates and all the SSL certificates used to be paid sometime ago but as of now there are many ways to get https certificates for free .After doing a lot of research I finally understood that Lets Encrypt is an awesome way to achieve this for free .

I love Lets encrypt and you can read more about it here : Lets Encrypt

I am writing this post to provide step by step procedure to make your webfaction website from http to https . Its really easy and takes around 15 to 20 minutes . Lets Start :

  1. Open Control Panel of your Webfaction Account
  2. Click Domain/Websites from Menu
  3. Click Applications from Sub menu under Domain/Websites
  4. Click Add new Application
  5. Give your Application a name for my case I gave name as ssl_redirect_versionpb
  6. Select App Category as PHP
  7. Select App type as Static/CGI/PHP-7.0
  8. Click Save
    Create New Application in Webfaction

    Create New Application in Webfaction

  9. Navigate to Websites in Webfaction control panel i.e. Click on Websites Sub-Menu under Domain/Websites Menu
  10. Make a Exact copy of Existing http website and Enable https on it In this tutorial i am assuming that you already have a website configured in Webfaction and have both www and non-www website configured . In case you dont know how to do redirect from non-www to www . Please read it here .If you are not sure how make exact copy of your existing http website use below steps :
    1. Click on Add New Website
    2. Choose Name as lets say for https//www.versionpb.com use https_www_versionpb
    3. For Security Select https , by default it will select Shared Certificate
    4. In Domain Enter the domain of your Website you created in your real http website for example  , for my case I  entered www.versionpb.com
    5. In Contents Select Reuse an existing application and select the application which you have created for your real Website
    6. Click Save
    7. Similarly create another Website for https_nonwww_versionpb
      Create https Website in Webfaction

      Create https Website in Webfaction

  11.  At this point you must be having 4 websites as follow :
    1.  http://www.versionpb.com
    2. http://versionpb.com
    3. https://www.versionpb.com
    4. https://versionpb.com
  12. You will notice that your HTTPS website says Security HTTPS, using shared certificate. That's OK for now. We'll fix that later.
  13. Open the browser and open your https website , you will notice browser will show security warning , if you click advanced and select continue you will be able to see your website , dont worry we will fix this in a while .
    https website warning

    https website warning

  14. Select your HTTP version of your website
  15. Under the Contents section remove your existing application.
  16. Add the new application in the same http website  we just created i.e. ssl_redirect_versionpb.
  17. Click Save
    http application changes

    http application changes

  18. Now, if you visit your site you will NOT get your usual homepage . Relax thats because We have not done any redirection to HTTPS yet. We will do that now
    Usual homepage wont Open

    Usual homepage wont Open

  19. From your local machine open terminal using putty or any other similar tool
  20. In my case as my new app name was ssl_redirect_versionpb , I executed following command . Replace ssl_redirect_versionpb with your application name and execute the below command
  21. vi ~/webapps/ssl_redirect_versionpb./.htaccess
  22. Hit key i (to enter Insert mode and start writing), copy (Ctrl + c) the following text as below
  23. RewriteEngine on

    RewriteRule !^.well-known($|/) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

  24. paste it (Ctrl + v) to the opened file (.htaccess).
  25. After pasting, hit the Esc key to exit Insert mode of vi editor
  26.   write:wq (this will save the file and quit the vim editor)
    Coding Static Redirect

    Coding Static Redirect

  27. Done with redirection. Now if you visit your site (versionpb.com) you will be redirected to https://versionpb.com, BUT a security warning will arise saying that the site you are trying to visit may be dangerous or so. That's because we are using a shared certificate. Lets fix this
    UnSecure https Website

    UnSecure https Website

  28. In terminal you must install the terrific acme script. Simply execute the below command in command line of the opened terminal
  29. curl https://get.acme.sh | sh
  30. Everything is done automatically for you (and me!). You should see something "Install success!" at the end of this command execution which means acme is installed successfully.
    acme installed successfully

    acme installed successfully

  31. Log out from the terminal and ssh to log back in.
  32. Now you have the command acme.sh available globally. Time to use it.
  33. Before, of course, to request a brand new official certificate from LetsEncrypt, we must request a staging (test) certifiacte, in order to be sure that everything is working properly. Execute the below command : where substitute versionpb.com with your website name and ssl_redirect_versionpb with your app name you created at Step 5
  34. acme.sh --issue --test -d versionpb.com -d www.versionpb.com -w ~/webapps/ssl_redirect_versionpb
  35. If everything worked, you should have 7 files to the path ~/.acme.sh/versionpb.com/ which are (ca.cerfullchain.cer, versionpb.com.cer, versionpb.com.conf, versionpb.com.csr, versionpb.com.csr.conf and versionpb.com.key). If something is missing, then maybe this is because these are just test certificates and keys. Not usable in production.
  36. Now that everything worked, it's time to issue for the real ones.
  37. Just enter below command where substitute versionpb.com with your website name and ssl_redirect_versionpb with your app name you created at Step 5
  38. acme.sh --issue --force -d versionpb.com -d www.versionpb.com -w ~/webapps/ssl_redirect_versionpb
  39. The above command will fetch the same kind of files (with the same name) but this time this folks are official. Their lifetime is 90 days and LetEncrypt lets you renew your certificates no earlier than 60 days after your last issue. For example, if you issued your certificates today (2017-10-18) then the earlier you can issue them again (renew them) is at 2017-12-17. Of course there is always the option to renew them earlier by using the --force argument , which is added in the command at step 38.
  40. Now go to the SSL certificates from Webfaction Control Panel . Its under Domain/Websites Menu
  41. select Add SSL Certificate 
  42. choose Upload Certificate
  43. This step, you only have to do it once. Give it a name, say mysite_cert
    create new certificate in webfaction

    create new certificate in webfaction


  44. copy the contents of ~/.acme.sh/versionpb.com/versionpb.com.cer to a file and the upload it to the Certificate section.
  45. Do the same with the ~/.acme.sh/versionpb.com.key and the Private Key section
  46. finally with the ~/.acme.sh/ca.cer and the Intermediates/bundle section.
  47. All this can be automated as well , so you dont have to create new certificated every 60 days . But i will show that in another post
  48. Go to your websites in Webfaction Control Panel . Its under Domain/Websites Menu 
  49. choose the HTTPS version of your domain.
  50. Under the "Security" section, "Choose a certificate" dropdown menu
  51. choose the certificate you created  as in step 43 (not the "Shared certificate", of course).
  52. Click Save
  53. Done . Now after DNS propagation i.e. after 3-4 minutes go ahead and try following links ( replacing your website in place of versionpb )
    1. https://www.versionpb.com
    2. https://versionpb.com
    3. http://www.versionpb.com
    4. http://versionpb.com
  54. You will notice all these will open using https://www.versionpb.com without any warning .
http redirect to https

http redirect to https

 

Thanks to below references :

https://letsencrypt.org/

Webfaction

https://community.webfaction.com/questions/19988/using-letsencrypt

 

Leave a Reply

Your email address will not be published. Required fields are marked *

31 − 26 =