How to secure webservers with HTTPS traffic

Introduction:

Let's Encrypt provides an easy way to obtain free TLS/SSL certificates, which enable HTTPS on web servers for both your server and your websites. The process is handled by a software client, Certbot, a free client for obtaining Let's Encrypt certificates.

This kind of certificate can be used on both Nginx and Apache. This tutorial walks through the important steps using the default Nginx configuration file rather than separate server block files.

Important things to follow:

  • You need Ubuntu installed on your server, in any version such as 16.04, 17.10 or 18.04.
  • You must have a fully registered domain associated with a DigitalOcean server, Vultr or any other host. If you don't have a domain, you can purchase one from Namecheap, GoDaddy or any hosting company.
  • You have to add your AAAA, A and CNAME records on your cloud hosting so that the domain points to your public IP address.
  • You have to install Nginx on your server by following "How to install LEMP on Ubuntu".
  • There is a separate tutorial on using server block files, and you can also enable a firewall.

Step 1: How to install Certbot

The first step toward obtaining an SSL/TLS certificate is to install the Certbot software.

Certbot is actively developed and kept up to date. So, let's add a repository.

After pressing Enter, update your server:

Now let's install Certbot on your server:

You have now successfully installed Certbot on your server. Next, let's configure SSL on Nginx.

Step 2: Nginx’s configuration confirmation

We need to confirm our configuration before running Certbot, and we have to find the correct server block in the Nginx config. To do this, add your domain name to the default file.

Change or add the server name, replacing example.com with your own domain name.

Save and close the file, then check your Nginx configuration. If there is a syntax error, go back and check your Nginx configuration file again.

If there is no syntax error and Nginx is running correctly, you can reload the Nginx server.
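A pre-flight check for this step, as an added example that is not part of the original tutorial: it confirms that a config file has an uncommented server_name directive listing every domain you plan to pass to Certbot with -d. The function names has_server_name and preflight are hypothetical, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: confirm an nginx config names every domain before
# requesting a certificate. has_server_name/preflight are hypothetical helpers.

# has_server_name FILE DOMAIN: succeed if an uncommented server_name
# directive in FILE lists DOMAIN exactly (the directive may span lines).
has_server_name() {
    awk -v want="$2" '
        { sub(/#.*/, "") }                            # strip comments
        $1 == "server_name" { in_sn = 1; first = 2 }  # directive starts here
        in_sn {
            for (i = first; i <= NF; i++) {
                name = $i
                done = sub(/;$/, "", name)   # 1 when this token ends the directive
                if (name == want) found = 1
                if (done) { in_sn = 0; break }
            }
            first = 1                        # continuation lines start at field 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# preflight FILE DOMAIN...: report each domain, return the number missing.
preflight() {
    conf=$1; shift
    missing=0
    for d in "$@"; do
        if has_server_name "$conf" "$d"; then
            echo "ok:      $d"
        else
            echo "missing: $d"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Constructed sample config; on a real server pass the path of your own file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server {
    listen 80;
    # server_name old.example.com;
    server_name example.com
                www.example.com;
}
EOF
preflight "$sample" example.com www.example.com
rm -f "$sample"
```

A non-zero return from preflight means at least one domain is absent from the file, so fix the server name before moving on to Step 4.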

Step 3: Allowing HTTPS

If you have a firewall installed and enabled, you will need to adjust ufw to allow HTTPS traffic. See how it is set now:

Output: this is the default HTTPS traffic setting.

Here you can allow any sort of traffic that you want, but for this tutorial just follow our steps:

Then check again how it looks now:

If it is done, it looks like this:

Output

 

Step 4: Obtaining SSL certificates

Once that is done, run the following command:

sudo certbot --nginx -d example.com -d www.example.com

This runs Certbot with the nginx plugin; you just have to follow the prompts about HTTPS settings:

Output

When it succeeds, the following note is shown:

Output

 

Step 5: Verifying Certbot Auto-Renewal

This step covers renewing the SSL/TLS certificates that provide HTTPS security on your web server. Your certificate is renewed on a three-month cycle by a renewal script added to /etc/cron.d.

Conclusion:

So, this is how you secure both your server and your web server.

 

 

 
