Give us a call: (800) 252-6164
How to make your website load in under 2 seconds using Apache, Nginx, Redis, PHP7, MySQL, and WordPress

Load Times Under 2s: SSL Certificate & Apache Configuration

May 6, 2018 | By admin | Filed in: hosting.

Creating a Self-Signed SSL Certificate

Next we need to create a self-signed SSL certificate. This is very useful for testing purposes but should not be used in a production environment. That said, this will be the similar process to what needs to be done for a production, verified SSL certificate. We will take care of those later on.

First step we need to install the SSL certificate generation utility. To do this, run:

 

Now we need to create a directory for the SSL certificates to go. We also need to set the correct permissions to for this directory so that only the root user can access them. This is to help secure the certificates against any hacking.

 

No we actually need to create the certificate. To do this we’re going to run the openssl command. There are set of parameters here that will define how the certificate should be created. The important ones are the “keyout” file name and the “out” file name. These will specify where the files should be sent to once created.

 

Now we’re going to create a diffie-hellman encryption. This allows for the public key to be securely transmitted over an open channel.

 

Afterward we need to append the Diffie Hellman encryption key to the self-signed certificate.

 

Configuring Apache

Now we need to make some configuration changes to the Apache configuration files. This will specify that we need to have Apache listen on ports 8080 and 8081 instead of 80 and 81, respectively. We also need to change the IP address of the server update the SSL configurations to match our new self-signed certificates. You’re going to want to run:

 

… and make the following changes:
Change “Listen 80” to “Listen 8080”
Change “ServerName” to “ServerName [[Your IP Address]]:8080”
Change the “/var/www” section’s “AllowOverride None” to “AllowOverride All”
Change the “/var/www/html” section’s “AllowOverride None” to “AllowOverride All”

… in the end, your file should look something like:

In ssl.conf…

 

… you need to make the following modifications:
Set: Listen 8081 https
Change: to
Set: DocumentRoot “/var/www/html”
Set: ServerName [[Your IP Address]]
Comment out ‘SSLProtocol’ and ‘SSLCipherSuite’
Change: SSLCertificateFile /etc/ssl/certs/test-selfsigned.crt
Change: SSLCertificateKeyFile /etc/ssl/private/test-selfsigned.key

… and add the following to the end of the file:

 

… in the end, your file should look something like:

Once these files have been updated, restart apache.

 

If you have SELinux, you’ll need to enable ports 8080 and 8081, as well as open ports 80 and 443 on the firewall. To do this, run:

 

Now, restart Apache. If there aren’t any error messages, this should indicate that everything is loading properly.

 

Now at this point, if you go to http://[[Your IP Address]]:8080 you should see the default Apache notification page and if you go to your http://[[Your IP Address]]:8080/phpmyadmin you should see the phpmyadmin page. You should be able to log in to. Now if you go to https://[[Your IP Address]]:8081 you should see an SSL warning. This is fine it’s just indicating that it cannot independently verify your SSL certificate. Allow your browser to continue past this error message and you should see the default Apache page.

If you run into connection issues, you may have to temporarily flush your iptables (they should be back when you restart your server):

 

Automatic Installation?

If you like the result of the tutorial, but run into problems or would just like to have the work done automatically, we can help you with that. We have an automated script that can SSH into your server and run this tutorial from beginning to end (as long as it’s running CentOS 7). If you would like this done for you ($100), please contact us using the form below.

 

    Get Started







     


    Part 1: Introduction and Planning

    Why it’s important to have your pages load in under 2 seconds, and a plan of how we will set up and configure the server.

    Part 2: Installing Software

    Initial setup of the server, including installing CentOS7, installing tools, installing SSH and SSL, enabling repositories, and installing support packages.

    Part 3: MySQL, Apache, PHP7, & Composer

    Installation of MySQL database serverApache web serverPHP, and Composer package manager for PHP

    How to download, install, and configure PHPMyAdmin; How to install and configure Redis

    Part 5: SSL Certificate & Apache Configuration

    How to create a self-signed SSL certificate; how to configure Apache as a PHP backend

    Part 6: FTP & DNS

    How to install and configure an FTP server with dynamic users; how to set up a DNS server

    Part 7: Installing Nginx

    How to download, build, and install Nginx with additional modules

    Part 8: Configuring Nginx

    How to set up Nginx configuration files including (with explanations): nginx.confGzip compression settingsvisitor browser caching settingsSSL settingsreverse proxy settings for sending data to the Apache serverreverse proxy connection configurationsfile access restrictions, and WordPress configuration settings

    Part 9: Adding a WordPress Website

    How to add a WordPress website to the server including configuring the DNS Server, adding a verified SSL certificate, either manually or for free using Let’s Encrypt, setting up FTP for your site, configuring Apache, configuring Nginx, uploading your WordPress site files, and importing your MySQL database.

    Part 10: WordPress Website Speed Improvements

    Speeding up your WordPress installation using a Redis plugin and a caching plugin.



    Tags:

    Comments are closed here.

    Scroll To Top