HTTP and SSL

Hypertext transfer Protocol HTTP is a protocol that is used for viewing webpages. In standard HTTP, all information is sent in clear text, and it is vulnerable and insecure.

Personal sensitive data can be exposed to hackers. Thats why we need Secure HTTP. It encrypts the data that is being retrieved by HTTP.

HTTPS uses a protocol that ensures security on the internet, it uses public key encryption to secure data, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) (latest industry standard, etc.)

flowchart LR A[Computer] --access--> B[Internet]; B --access--> C[Server]; C --SSLcertificate--> B; B --SSLcertificate--> A;

HTTPS is important since Google flags websites without SSL as not secure, and penalizes search ranking.

Guidelines

  1. SSH into the server with nginx and hosting your website.
  2. Go to Cerbot, select the correct software and system.
  3. Follow the instructions from Certbot, all the certificates are now stored in /etc/letsencrypt/live/, 
    4. 
sudo apt install snapd
sudo snap install core; sudo snap refresh core
sudo apt-get remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx
sudo certbot renew --dry-run
  4. Now the website is secured.

References

  1. Let's Encrypt - Free SSL/TLS Certificates
  2. Certbot
  3. certbot instructions: My HTTP website is running Nginx on Ubuntu 18.04 LTS (bionic)