How to setup SSL in AWS application load balancer for WordPress.
AWS application load balance helps to off load the web server by taking the responsibility of encrypting and decrypting the SSL connection. To implement SSL in WordPress you need to apply the SSL certification only on the load balancer. However, you still need to add the certificate in the server if you want https traffic between the load balancer and the web server. This post only focuses on how to setup SSL in AWS application load balancer for WordPress and make a few configuration changes on the wp-config file to get WordPress working with SSL.
Step 1: Create a load balancer
At first, you need to create an ALB (application load balancer) and then add two listeners-one is for https and another is for http. You do not require creating http listener if you do not want to redirect the users who type http in the browser instead of https. However, it is a good idea to redirect http to https since AWS ALB now support redaction option on the load balancer.
If you have not created a load balancer, you can create on the load balancer in your AWS account and select “application load balancer”. Next, add the http and https listener as shown below.
Click on “configure security settings” and upload a SSL certificate of choose one from the ACM that you already upload on your AWS account and keep the security policy to the default one ELBSecurityPolicy-2016-08 and click on “configure security groups” and either create one or choose an existing security group.
Setup http to https direction in Listener id HTTP:80
Once you create the load balancer, you need to go back to the load balancer and click on the listener id HTTP:80 and the default action to “redirect to” and add the port 443.
Step 2: modify the wp-config file
Once you are done with the load balancer, you need to open the wp-config file and at the following lines at the beginning of the wp-config.php file
define(‘WP_HOME’,’https://yourdomain.com’);
define(‘WP_SITEURL’,’https://yourdomain.com’);
if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)
$_SERVER[‘HTTPS’]=’on’;
