• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

securitywing

Menu
  • About
  • Must Read
      • IIS Performance Boost
      • RFID Security
      • Web App Security Testing
      • How to Secure Home Network
      • Prevent Cross-Site Scripting Attacks
      • Renew Self-Signed Certificates
      • Penetration Testing Tools
      • VPN Concentrator
      • Forensic Investigation Tools
      • Digital Certificates
      • Cloud Security Issues
      • Advanced Evasion Prevention
      • Firewall Types
      • Tips to Prevent Data Exfiltration
      • Classified Info Handling
      • MySQL Security
      • Definition of 7 Types of Malware
      • VOIP Security
      • Why Antivirus Software Fails
      • 15 Network Security Vulnerabilities
      • Web App Security
      • IT Security Standards
      • Types of Virtualization
      • Android Security
      • Digital Signature
      • Advanced Malware Protection
    • Close
  • Consultancy
  • Contact

How to Setup SSL in AWS application load balancer for WordPress

by wing

How to setup SSL in AWS application load balancer for WordPress.

AWS application load balance helps to off load the web server by taking the responsibility of encrypting and decrypting the SSL connection. To implement SSL in WordPress you need to apply the SSL certification only on the load balancer. However, you still need to add the certificate in the server if you want https traffic between the load balancer and the web server. This post only focuses on how to setup SSL in AWS application load balancer for WordPress and make a few configuration changes on the wp-config file to get WordPress working with SSL.

Step 1: Create a load balancer

At first, you need to create an ALB (application load balancer) and then add two listeners-one is for https and another is for http. You do not require creating http listener if you do not want to redirect the users who type http in the browser instead of https. However, it is a good idea to redirect http to https since AWS ALB now support redaction option on the load balancer.

If you have not created a load balancer, you can create on the load balancer in your AWS account and select “application load balancer”. Next, add the http and https listener as shown below.

create an application load balancer in AWS

Click on “configure security settings” and upload a SSL certificate of choose one from the ACM that you already upload on your AWS account and keep the security policy to the default one ELBSecurityPolicy-2016-08 and click on “configure security groups” and either create one or choose an existing security group.

 

Setup http to https direction in Listener id HTTP:80

Once you create the load balancer, you need to go back to the load balancer and click on the listener id HTTP:80 and the default action to “redirect to” and add the port 443.

http to https redirection setup in ALB

Step 2: modify the wp-config file

Once you are done with the load balancer, you need to open the wp-config file and at the following lines at the beginning of the wp-config.php file

define(‘WP_HOME’,’https://yourdomain.com’);

define(‘WP_SITEURL’,’https://yourdomain.com’);

if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)

$_SERVER[‘HTTPS’]=’on’;

 

Related Posts:

  • How to Resolve Route 53 Privated Hosted zone from a VPC in a different AWS account
  • How to Enable AWS Cross Account ECR Image Replication
  • How to Mount Amazon EFS in EC2-CentOS Instance
  • How to Install Boto3 for AWS SDK using Anaconda in Windows
  • How to Setup AWS CloudFront for Externally Registered Domain Name

Filed Under: Internet Security and Safety Tagged With: application load balancer, AWS, SSL

Primary Sidebar

CISSP Sample Test

Take a CISSP Sample Test

CISA IT governance Sample test



Twitter Follow @securitywing

Categories

  • AWS
  • containers
  • Internet Security and Safety
  • IS Audit
  • IT Security Exams
  • Network Security Tips
  • Off Track
  • Telecom
  • Tutorial

Pages

  • About
  • Best IT Security Certification Exam
  • CISA IT governance Sample test
  • CISA Sample Test
  • CISSP Sample Test Online
  • Consultancy
  • Contact

Popular Posts

  • 8 Effective Ways to Impro...
  • Yahoo Mail Security Setti...
  • 3 Steps to Install Miniku...
  • How to Setup AWS CloudFro...
  • 3 Simple Steps to Capture...
  • 5 Steps to Setup a Nexus3...
  • How to Configure AAA (TAC...
  • How to Configure SNMP in...
  • How to Install AWS CLI an...
  • How to Renew Self-Signed...

Footer

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

antivirus audit AWS backup browser check cisco cloud computer cyber data database encryption firewall home hsrp ids informaiton internet intrusion it kubernetes linux load balancing malware network protection putty risk router security security tips server ssh SSL switch tools virus vpn vulnerability web webserver website windows wordpress

Copyright © 2010-2023 ·All Rights Reserved · SecurityWing.com