SSL Certification Installation Tutorial


Installing an SSL certificate is something that can benefit all developers. SSL certificates provide security when passing data back and forth between the user and the server. This tutorial uses AWS for DNS and the server, Nginx as a reverse-proxy engine, and Namecheap for the SSL certificate itself. Follow the steps and you will have the base knowledge to install an SSL certificate in no time!

  1. Purchase a domain name from Route 53 on AWS.
    1. If you are following this tutorial for learning purposes only, I recommend choosing a cheap domain and ensuring auto-renew is turned off to avoid extra charges. This tutorial uses a .com domain, so that is recommended to follow the tutorial more precisely.
  2. Purchase an EC2 Server on AWS.
    1. I recommend an Ubuntu Server 16.04 LTS (HVM), SSD Volume Type
    2. For security groups, create or choose one that covers HTTP access (port 80), HTTPS access (port 443), and SSH access (port 22).
    3. Use your own key-pair when setting this up and save it in your .ssh folder; you will need it later.
  3. Connect domain name to server.
    1. You will need the IP address of the server.
    2. Follow this guide.
  4. Install and configure Nginx on server
    1. Add the following lines to the SSH config file on your local machine (~/.ssh/config)

      Host host_name
        Hostname IP_address_of_server
        User ubuntu
        IdentityFile ~/.ssh/.pem_file_from_key-pair_download
    2. SSH on to server using the following command

      $ ssh host_name
    3. Run the following commands.
      # To install Nginx and verify the installation worked
      $ sudo apt-get update
      $ sudo apt-get install nginx
      $ sudo ufw app list
      
      Expected output:
      
      
      Available applications:
        Nginx Full
        Nginx HTTP
        Nginx HTTPS
        OpenSSH
      
      # To allow connections to the server
      $ sudo ufw allow OpenSSH
      $ sudo ufw allow 'Nginx HTTP'
      $ sudo ufw allow 443
      $ sudo ufw allow 80
      
      # To enable the firewall and verify it worked
      $ sudo ufw enable
      $ sudo ufw status
      
      Expected output:
      
      Status: active
      
      To                         Action From
      --                         ------ ----
      OpenSSH                    ALLOW Anywhere           
      Nginx HTTP                 ALLOW Anywhere           
      80                         ALLOW Anywhere           
      443                        ALLOW Anywhere           
      OpenSSH (v6)               ALLOW Anywhere (v6)           
      Nginx HTTP (v6)            ALLOW Anywhere (v6)           
      80 (v6)                    ALLOW Anywhere (v6)           
      443 (v6)                   ALLOW Anywhere (v6) 
      
      # To ensure Nginx is running as expected
      $ systemctl status nginx
      
      Expected output: 
      
      nginx.service - A high performance web server and a reverse proxy server
         Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
         Active: active (running) since Thu 2018-05-31 20:58:15 UTC; 1 weeks 4 days ago
       Main PID: 17606 (nginx)
          Tasks: 2
         Memory: 2.1M
            CPU: 842ms
         CGroup: /system.slice/nginx.service
                 ├─17606 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
                 └─17607 nginx: worker process                           
      
      Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
    4. Check this by going to your website. A “Welcome to Nginx” page should appear.
  5. Add an index.html file that will appear once Nginx is complete
    1. Run the following commands

      $ ssh host_name
      $ cd /var/www/html
      $ sudo touch index.html
      $ sudo nano index.html
    2. Add the following text to the file
      Hello!
      
    3. Use Control + O to write to the file, press Enter, then Control + X to quit nano.
    4. Purchase and set up SSL from Namecheap
      1. Choose a PositiveSSL
      2. Generate a CSR in your terminal by running

        $ openssl req -new -newkey rsa:2048 -nodes -keyout site_name.key -out site_name.csr
        
        Generating a 2048 bit RSA private key
        ............................+++
        .....................................................................+++
        writing new private key to 'site_name.key'
        -----
        You are about to be asked to enter information that will be incorporated
        into your certificate request.
        What you are about to enter is what is called a Distinguished Name or a DN.
        There are quite a few fields but you can leave some blank
        For some fields there will be a default value,
        If you enter '.', the field will be left blank.
        
        -----
        Country Name (2 letter code) [AU]:US
        State or Province Name (full name) [Some-State]:Maryland
        Locality Name (eg, city) []:Hampstead
        Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bytelion
        Organizational Unit Name (eg, section) []:Bytelion
        Common Name (e.g. server FQDN or YOUR name) []:site_name.com
        Email Address []:your_email@domain.com
        
        Please enter the following 'extra' attributes
        to be sent with your certificate request
        A challenge password []:
        An optional company name []:
      3. Copy the CSR by running
        $ cat site_name.csr
      4. Paste the CSR into Namecheap when asked.
      5. Follow the steps in Namecheap for domain validation. This can be done 1 of 3 ways, but via email (if yours is listed) or DNS is recommended. For help with this validation, refer to the links in Namecheap.
      6. Once this is complete, the certificate will be emailed to you, but be patient because it can take a while for the email to come through.
    5. Install SSL on server
      1. Download the SSL files from your email and unzip the file. This should leave you with a folder by the name site_name_com containing the files site_name_com.crt and site_name_com.ca-bundle
      2. Open the folder in the terminal and run the following commands

        # To combine the two files into one (site certificate first, then the CA bundle)
        $ cat site_name_com.crt site_name_com.ca-bundle > site_name-bundle.crt
        
        # To copy the file into the .ssh folder to then put them onto the server
        $ cp site_name-bundle.crt ~/.ssh
      3. Navigate to the site_name.key file that was created with your CSR, then run the following commands

        # To copy the file into the .ssh folder to then put them onto the server
        $ cp site_name.key ~/.ssh
        
        # To verify the files were successfully moved
        $ cd
        $ cd .ssh
        $ ls
      4. Verify the site_name-bundle.crt and site_name.key files are there.
      5. Run the following commands to put the files on to the server.

        # host_name is the alias from your SSH config, so the key-pair from step 2 is used
        $ scp site_name-bundle.crt host_name:
        $ scp site_name.key host_name:
      6. SSH onto the server

        $ ssh host_name
        $ ls
        
      7. Verify the site_name-bundle.crt and site_name.key files are there.
      8. Run the following commands to move the files to their appropriate folders.
        $ sudo mv site_name-bundle.crt /etc/ssl/certs/
        $ sudo mv site_name.key /etc/ssl/private/
      9. Run the following commands to begin the set up of the Nginx configurations

        $ cd /etc/nginx/sites-enabled
        $ sudo touch site_name
        $ sudo nano site_name
      10. Edit the file to contain the following.

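        error_log /var/log/nginx/error.log;
        
        # Redirect all plain-HTTP requests to HTTPS
        server {
           listen       80;
           server_name  site_name.com;
           return 301 https://site_name.com$request_uri;
        }
        
        server {
           # "listen ... ssl" replaces the deprecated "ssl on;" directive
           listen       443 ssl;
           server_name  site_name.com;
           # Bundle built above: site certificate followed by the CA chain
           ssl_certificate /etc/ssl/certs/site_name-bundle.crt;
           # Must be the key file that was moved into /etc/ssl/private/ above
           ssl_certificate_key /etc/ssl/private/site_name.key;
           # TLS 1.0 and 1.1 are deprecated (RFC 8996); add TLSv1.3 where nginx and OpenSSL support it
           ssl_protocols TLSv1.2;
           root /var/www/html/;
        }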
      11. Use Control + O to write to the file, press Enter, then Control + X to quit nano.
      12. Run the following commands to stop and start nginx

        $ sudo systemctl stop nginx
        $ sudo systemctl start nginx
        
        
  6. Go to your website. The site should say “Hello!” and the word Secure with the padlock should be shown. Navigating to site_name.com should now redirect to https://site_name.com. 
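
A pre-flight check for the files and site config from the "Install SSL on server" step, as an added example that is not part of the original tutorial: it confirms that the private key belongs to the certificate, that the key is closed to group and others, and that the config does not enable TLS 1.0 or 1.1. The function names, the throwaway self-signed pair and the two sample configs are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the tutorial): pre-flight checks to run on the server
# before restarting Nginx. Assumes a shell with OpenSSL and GNU stat, as on Ubuntu.

# Succeeds only if the first certificate in CERT carries KEY's public key.
# A bundle concatenated in the wrong order (CA first) fails this check too.
key_matches_cert() {  # usage: key_matches_cert CERT KEY
  local cert_pub key_pub
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds only if KEY grants no permission bits to group or others.
key_is_private() {  # usage: key_is_private KEY
  local mode
  mode=$(stat -c '%a' "$1") || return 2
  case "$mode" in *00) return 0 ;; *) return 1 ;; esac
}

# Prints every deprecated protocol enabled by an ssl_protocols directive in CONF.
list_weak_protocols() {  # usage: list_weak_protocols CONF
  grep -E '^[[:space:]]*ssl_protocols[[:space:]]' "$1" |
    grep -oE 'SSLv[23]|TLSv1(\.1)?([[:space:];]|$)' | tr -d ' ;\t' | sort -u
}

# Runs all three checks, reports each problem, returns non-zero if any fails.
preflight() {  # usage: preflight CERT KEY CONF
  local rc=0 weak
  key_matches_cert "$1" "$2" || { echo "FAIL: $2 does not match $1"; rc=1; }
  key_is_private "$2" || { echo "FAIL: $2 is open to group or others"; rc=1; }
  weak=$(list_weak_protocols "$3")
  [ -z "$weak" ] || { echo "FAIL: $3 enables:" $weak; rc=1; }
  return "$rc"
}

# Constructed sample data: a throwaway self-signed pair, an unrelated key with
# loose permissions, and two minimal site configs (weak and TLS 1.2 only).
make_fixture() {  # usage: make_fixture DIR
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=site_name.com' \
    -keyout "$1/site_name.key" -out "$1/site_name-bundle.crt" 2>/dev/null
  openssl genrsa -out "$1/other.key" 2048 2>/dev/null
  chmod 600 "$1/site_name.key"; chmod 644 "$1/other.key"
  printf 'server {\n  listen 443 ssl;\n  ssl_protocols %s;\n}\n' \
    'TLSv1 TLSv1.1 TLSv1.2' > "$1/weak.conf"
  printf 'server {\n  listen 443 ssl;\n  ssl_protocols %s;\n}\n' \
    'TLSv1.2' > "$1/ok.conf"
}

demo_dir=$(mktemp -d)
make_fixture "$demo_dir"
preflight "$demo_dir/site_name-bundle.crt" "$demo_dir/site_name.key" \
  "$demo_dir/ok.conf" && echo "ok: matching key, TLS 1.2 only"
preflight "$demo_dir/site_name-bundle.crt" "$demo_dir/other.key" \
  "$demo_dir/weak.conf" || echo "second run rejected the wrong key and weak config"
rm -rf "$demo_dir"
```

On the server, call `preflight` as root with the certificate, key and site config paths used above, and run `sudo nginx -t` before restarting Nginx.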

 

Pros And Cons Of Building Your Website With WordPress


WordPress as a web building tool has built its reputation on providing amazing features, specifically in the world of CMS, powering over 75 million sites and almost 23% of the World Wide Web’s sites. However, despite its popularity, WordPress has drawbacks as a website development platform that you should be aware of before jumping on the bandwagon. Being informed is one of the most important factors in deciding where and how to build your site.

 

A few of your options for building and designing your website:

 

Website Editor

(Wix/Squarespace or similar solution)

Website editor, easily learned, drag and drop designs, less customization, small sites

WordPress

Website builder, edit and manage content through admin access, customization limited to WordPress support and technical capabilities, learning curve

App development

Full development team/developer, Fully customizable, Supports large, complex sites with high user traffic

Some Things To Consider

 

Typical WordPress use

WordPress is largely known for its CMS (content management system) capabilities, but it supports models for blogging, eCommerce, and forum websites as well. Sites that differ from this will most likely need customization.

Cost

Building a site can be expensive, so you need to make sure you’re getting what you need rather than trying to opt for the cheapest solution. Custom website development can cost anywhere from $5,000 to upwards of hundreds of thousands of dollars, depending on your needs.

Time

Building a site takes time. How much time do you have? Most web projects take an average of 12 to 16 weeks. However, the time is always dependent on several factors, such as the complexity of the project, scope of work, number of people involved, etc. Always be sure to set a realistic timeline when looking at website building solutions.

Resources

How big is your team? Do you have any technical skills? WordPress maintenance requires a learning curve and dedication to the site after the initial build. To keep your site up to date, make sure you are prepared to learn or are willing to pay someone for maintenance.

Security

WordPress is a great resource because of its popularity, but that popularity leaves sites more vulnerable to hackers and information leaks. What type of content are you providing? Does it need to be secure? Developing your own website or mobile app can provide more security.

Mobile

WordPress does not support mobile app development but does allow for you to have a responsive mobile version of your site.

Users

Does your website require a large number of users to log in and out of your site? Depending on your business, WordPress may not be able to support the high volume and data storage that your site requires. Consider building a customized application with a development team.

 

Benefits of WordPress

 

Ease of Use – For non-technical folks

WordPress is great for non-technical users who want to be able to manage their content and make minor adjustments without getting knee deep in code. The content builder enables you to design within a set framework BUT does not allow for much customization. If you are looking for customization, you will have to get your hands dirty and add in some code.

Plugins

WordPress has over 45,000 plugins that you can upload to add new functionality. This is great for you: it means you can do more than just make a basic blog! However, they require a lot of updates and may need customization and code to get them working properly with your site.

SEO Friendly – Kind of

WordPress is wonderful because it bumps up your site on web browsers from the built-in SEO (Search Engine Optimization) system. However, if you are a novice with SEO, you may need some coaching. Too much tagging and repetition can kill your SEO rating and send your website to the bottom of the page. Luckily WordPress has a wide range of plugins to help with this, including our favorite, Yoast, which helps by rating your pages on readability, keywords, and more!

Open Source – Faster Development

Open source code is great for speeding up development time. All of the code is shared and used between developers all over the world. This means your developer doesn’t need to make everything from scratch, cutting down on development time. However, this is a catch-22, as open source also means less security. Be sure you weigh the importance of development time over site security.

Professional Themes

There is an endless source of pre-built design templates from which you may choose to use for the foundation of your site. Themes include one or more demos which you can activate. This provides you with an appealing, pre-designed site that requires minimal effort to get up and running. Keep in mind that these can be pricey and limit your site’s capabilities and customization, as not all plugins work with every theme.

Overall Lower Cost

Typically WordPress is a cheaper option than hiring a software development team. Since it is open source and widely used, you have many options for designers and developers. You also have the option to maintain the site on your own – if you have the resources and time to do so.

Mobile-Friendly

WordPress makes it easy to transition your site from desktop to smaller screens such as tablet or mobile. This may require some customization to make it just right, but it can beat building a mobile app or an entirely new mobile site. Make sure a responsive mobile site is the right option for you, as Hackernoon reports that in 2018 mobile users spend about an hour on the mobile web, versus almost 3.5 hours on mobile apps.

 

 

WordPress Negatives

 

Open Source – Security

Open source is great for fast development, but it can leave your site vulnerable to attacks from hackers. This can lead to problems down the road, either legally or with development constraints. Are you going to be handling credit card information? What about users’ personal info? If you do, you will need extra security. Make sure WordPress can secure your info, or pick a developer/development team that is knowledgeable and can successfully secure your data. Have questions? Let us help you feel safe about your site’s security.

Customization Needs Coding

WordPress was built for blogging, CMS, forums, etc. This makes breaking that model to build a restaurant site, for example, with online ordering, slightly more difficult. Most WordPress themes aren’t built for any models besides the typical ones mentioned above, which means more customization and less flexibility for the overall design of the site. This doesn’t mean it’s impossible, but it does mean less access to content without digging into the code base.

Frequent Updates

WordPress is constantly trying to improve and update their structure to better serve their large user base. Because of this, updates occur on a regular basis and could impact your site’s performance. At times, you may need to update plugins, which could result in your plugins no longer functioning correctly or not being supported by the new version of WordPress. It is very important to save a backup of your site before updating, just in case something goes wrong while converting to the new version. As you can imagine, this process requires some technical knowledge and the ability to fix bugs that may occur as you update your site.

 

Pro tip: WordPress doesn’t offer support!

 

Learning Curve

No matter whether you are a coder, a designer, or someone with no technical knowledge, WordPress requires time to learn the ins and outs of building and maintaining a site. If you think building a WordPress site is as easy as dragging and dropping elements on a page, you’ve got it wrong. WordPress is a very robust solution that is constantly updating and changing, so it takes time and dedication to keep your site up-to-date.

Slow Speeds

WordPress has a reputation for having slow loading times and speeds for users. This is a big downfall, as research from Hobo shows that users quickly get disheartened by slow load times. Users will leave your site to find what they need elsewhere within 2-10 seconds of waiting on content to load. Even more concerning, eCommerce users will leave after only 2-3 seconds without content loading.

Not Easily Scalable

Unless planned well in advance, WordPress is not the best at scaling businesses. Most models are built with the intention that the site will stay relatively at the same size, volume, and structure. Modifying your WordPress site structure later down the road can lead to some sticky situations with plugins, content, and speed.

No Support Service

Building a WordPress site on your own? You’re brave! Although WordPress has a massive following and plenty of answers that are just a Google search away, WordPress does not have an official support service. This means no one can get into your account and help you solve those more difficult, niche questions. Website editors typically have lots of support, but if those solutions don’t serve your needs, consider hiring a developer or development team who will only be a call away to give you unlimited support to solve your issues ASAP.

 

 

Conclusion

WordPress is great for some websites, specifically for smaller sites that don’t require tons of functionality and serve as a source of information rather than supporting large amounts of user data. Making sure you understand the capabilities and constraints of using WordPress will allow you to make the best decision for your business. If WordPress doesn’t seem like the right solution you may be better off using something more accessible like Wix, Squarespace, or even hiring a development team to build a customized solution. Sometimes the answer isn’t clear, and you’ll need to sit down and map out all of the pros and cons of each solution available to you. Feel free to reach out to our team for some expert advice. Good luck!

 
