Free HTTPS across the server!

Everyone on Xenacia has a free HTTPS address with a valid TLS certificate! This is all thanks to the amazing crowd funded open certificate authority: Let’s Encrypt.

Give it a go – just change the URL from http:// to https:// and if it shows your website without a warning, you may want to switch across to using HTTPS for some or all of your pages (particularly if sensitive form data is posted, such as login details).

If you would prefer to redirect all traffic to the HTTPS address, you can add the following to your .htaccess file (place in the web root).

RewriteEngine on

RewriteCond %{REQUEST_URI} ^/(?:[0-9]+\..+\.cpaneldcv|[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?|\.well-known/acme-challenge/[0-9a-zA-Z_-]+)$
RewriteRule .* - [L] 

RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

To ensure that all your URLs are pointing to the HTTPS version, you may have to search and replace entries in your database at this time.

And to have the reverse to the HTTP version…

RewriteEngine on

RewriteCond %{REQUEST_URI} ^/(?:[0-9]+\..+\.cpaneldcv|[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?|\.well-known/acme-challenge/[0-9a-zA-Z_-]+)$
RewriteRule .* - [L] 

# Force non-SSL
RewriteCond %{HTTPS} on
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L]

If you have a WordPress website and just want to redirect to a secure version of the login, you can use this…

RewriteEngine on

RewriteCond %{REQUEST_URI} ^/(?:[0-9]+\..+\.cpaneldcv|[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?|\.well-known/acme-challenge/[0-9a-zA-Z_-]+)$
RewriteRule .* - [L] 

# Force SSL for WordPress login and dashboard
RewriteCond %{REQUEST_URI} ^/(wp-login\.php|wp-admin/.*)$
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L]

To add this to your cPanel web server, just go to Manage AutoSSL in the cPanel administration, select Let’s Encrypt™ and off you go!

If you like the free HTTPS for your website, please donate the Let’s Encrypt project. I’d recommend something like $10 (the price of the cheapest SSL certificate for one year).

Last updated on Thursday, 30th March 2017