I am running on Rancher platform and I have set up wordpress through wordpress stack. It is currently running on port 80 http. I wish to insert a free SSL with Let's encrypt and I know that Traefik stack is able to generate one for my wordpress. But I don't exactly know how.
Things that I tried:
I create a volume on wordpress /mnt/docker/traefik/acme:/etc/letsencrypt/acme
I configure Traefik with HTTP challenges, insert a proper email for acme and so on.
Not working =(
Rancher can manage your SSL certificates.
Here are the steps:
Add certificate (https://rancher.com/docs/rancher/v1.6/en/environments/certificates/)
Create a load balancer service, with the hostname needed for your wordpress certificate, select the appropriate ports, select the certificate.
Now the wordpress website would be available on the port selected in the Loadbalancer rules.
Related
I'm trying to put a simple Wordpress site on Google Cloud with SSL.
I set up a load balancer using an instance group, as described here: https://docs.bitnami.com/google-templates/how-to/configure-lb-ssl-google-templates/
except I used one-click deployment instead of bitnami.
unmanaged instance group with the vm as a member
load balancer with the instance group on the backend, port 80
front end HTTPS, port 443
The front end works, this is my test site: https://thescanclub.com
However, insecure access is still possible to the backend I.P. and also the database! I must have left out a firewall or something. How would you fix this?
Back end IP to the vm: 34.150.136.72
PS... this is a small test site and may get a new vm if I have to redo it.
The Google Managed Certificate that you created resides within the Front End of the Load Balancer. This means that it will only use the Google's SSL certificate, and redirect from HTTP to HTTPS when you access your Wordpress site through the Load Balancer's front end IP address or through the domain (thescanclub.com).
Digging the A record of your domain, you'll see that it is not pointed to the VM's public IP but rather to a different one which I presume is the HTTPS Load Balancer's front end IP.
If you wish to access the website directly from the VM's public IP, then it will be best to set up a letsencrypt SSL certificate within the Bitnami instance and set up the HTTP to HTTPS redirection through it. Hope you find this documentation helpful.
I have Virtualmin and it has apache and primary domain and encryption by Let's Encrypt.
I install gitlab on the subdomain and port 8443, but it doesn't work for me.
Turns on on the port but not on the subdomain.
I don't know how to connect a subdomain to open gitlab.
I don't know how to add a certificate from Virtualmin to a subdomain.
How do you do these two things?
Should I do it outside Virtualmin?
if you need a script like GitLab to run on a subdomain of the website, you need to create a sub server.
login to Virtualmin, select your domain, click create Virtual server,
from top tabs, select sub servers.
not if you want to create subdomain git.example.com, just type 'git' in domain and press [TAB].
in enable-feature section, select Setup SSL website too? and click create server.
after the sub server is created, go to the SSL section and request for let's encrypt the certificate.
To enable port 8443, go to webmin, networking, firewalld, on the list of ports and services, click add allowed port, add port 8443. and apply configuration.
just stop and start firewall to take effects.
Google domain name pointing at external IP of GCP compute engine with nginx installed and app in /var/www/html. Have google site verification of property code. I need HTTPS setup. Do I need Lets Encrypt? Why is it so difficult to establish HTTPS?
None of the dozens of sites nothing here in tag search or on GCP. Nginx has how to setup in /etc/nginx/nginx.conf but my site is visible http using my external IP but not the HTTPS domain name.
Currently, I am working on a Wordpress application and I am using AWS hosting. My domain is in GoDaddy.com and I have deployed the application in elastic beanstalk. I have created load balancer and also I need to run the application through HTTPS.
I have done my research and I think I found the right way, but it's not working for HTTPS. when I browse on HTTP on port 80, it runs well. Now I am helpless.
Here's what I have done so far:
1) I created a hosted zone on AWS Route 53 for the domain named "example.com". There are two records are created, NS and SOA.
2) Then, in GoDaddy, I added NS records from AWS as Custom Nameservers.
3) After that, I created A record for the domain in the AWS hosted zone, set ALIAS targeted to the Load Balancer of the Elastic Beanstalk environment.
4) Then, I changed the SITE URL from the wp_options table the wordpress application database.
After doing up to this, my application was running in HTTP. But as I want to change it to HTTPS. So,
1) I requested a certificate from AWS Certificate Manager and created CNAME (provided by ACM after requesting certificate) record in the hosted zone.
2) After the certificate is issued, I edited the listener from EC2 >> Load Balancer >> Listener and changed the protocol from HTTP to HTTPS and also allowed port on Security groups.
3) Also, I changed, the SITE URL from WordPress database and changed it from "http://example.com" to "https://example.com" but it was not working.
4) So I went to Elastic Beanstalk >> Configuration >> Load Balancer and added listener. After the environment is saved and restarted, still, the site was not running on HTTPS [ HTTP 408 ERROR IS SHOWN ]. But if I change SITE URL to "http://example.com", it works
I have found a solution, which says to use RedirectURL and set it to server config but I don't want to do that.
I also found this solution which suggest to Export Zone File and import it to AWS hosted zone. But whenever I click Export Zone File(Unix), the file downloaded is shown empty. I tried this for other accounts, still, this problem exists. So I did not do that.
Sorry for the long story, but I really need this help.
I have solved the issue.
In my load balancer port configuration, I previously set load Balancer port 443 and instance 443. here what I need to do is to call the load balancer on port 443 and backend make the backend call on port 80 and enable https on WordPress.
So I kept load balancer port 443 and changed the instance port to 80. After that, on the browser, there was too many redirects error shown. So then what I needed to do is that add $_SERVER['HTTPS'] = 'on' on wp-config. And then everything was running smoothly.
I hope this will help if some
Firstly, I am more of a dev than admin. And I have always asked questions here. But please let me know if there is a better place to ask this question.
Here's my situation. I have an application that is built to run on linux. It serves both https (on port 443 using nginx) and ssh (on port 22). But due to organizational restrictions, I am forced to run it on a windows host with a linux guest using virtual box. Also, there is another web application on the host box; both these web applications should be served based on the URL (example: app1.com, app2.com). URLs need to be preserved. All ssh traffic can default to guest.
One idea I have to make this work is below, and I would like to know
if I am making this more complicated than it should be. Any help is appreciated.
Steps:
Use an unused port for https (say 8443) on my host and redirect all
traffic to the guest. Use NAT based port forwarding (8443 -> 443, 22 -> 22)
in Virtualbox.
The only thing left would be to setup another nginx on
the host as a reverse proxy. Set up virtual hosts on windows
(/etc/hosts) and have the two IP and URL entries (app1.com and app2.com).
Use a separate nginx on the host as a reverse proxy to redirect app1 traffic
to the web app on the host and app2 traffic to 8443.
Questions:
Can I avoid the extra nginx reverse proxy on the host while preserving the URL?
Also what about ssl. Can I just set up https on the host and route it to port 80 on guest and avoid having two certs? Note: I am using NAT in Virtualbox, so there should not be any security issues I guess.
This is an administration question, and the user posted the identical question to serverfault, where it was answered: https://serverfault.com/questions/835220/multiple-web-applications-same-vm-vs-multiple-vms