Question

CloudFlare SSL with WordPress Ubuntu LEMP

Posted on February 7, 2018
Nginx LEMP Ubuntu 16.04 WordPress
Asked by apstone

I have an SSL through cloudflare, and i have uploaded it to /var/ssl/ssl.pem and /var/ssl/ssl.key. I changed the folder permissions to chmod 700 /var/ssl.

I can access my site via http://165.227.182.40/ and http://aaronstone.io/ but not https://aaronstone.io/

sudo ufw status returns:


WARN: / is group writable!
Status: active

To                         Action      From
--                         ------      ----
22                         LIMIT       Anywhere
443                        ALLOW       Anywhere
80                         ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22 (v6)                    LIMIT       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

netstat -atn shows

Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:60484 127.0.0.1:3306 ESTABLISHED tcp 0 0 165.227.182.40:22 63.131.219.239:58963 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60484 ESTABLISHED tcp 0 316 165.227.182.40:22 63.131.219.239:58846 ESTABLISHED tcp 0 0 127.0.0.1:60486 127.0.0.1:3306 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60486 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN

My NginX config is as follows:

server {
    listen 80;
    listen [::]:80;

    # SSL configuration
    #
     listen 443 ssl;
     listen [::]:443 ssl;
         ssl_certificate /var/ssl/ssl.pem;
        ssl_certificate_key /var/ssl/ssl.key;

    root /var/www/html/;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name aaronstone.io www.aaronstone.io;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        #try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php$is_args$args;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
             location ~ \.php$ {
        include snippets/fastcgi-php.conf;

        # With php7.0-cgi alone:
        #fastcgi_pass 127.0.0.1:9000;
        # With php7.0-fpm:
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny all;
    }
    location ~ /.well-known {
        allow all;
    }
}

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

apstone • February 7, 2018

Accepted Answer

I had not symlinked my sites-available to sites-enabled