My downstairs web server is currently running Ubuntu 20.04, PHP 7.4, Apache 2.4 and WordPress 5.5. WordPress and Chrome have been nagging me about upgrading to https for some time. Initially I looked at it from the WordPress perspective but of course I self-host WordPress, together with a few other websites, so the solution has more to do with Apache than with WordPress. And so I found this excellent tutorial: How To Secure Apache with Let’s Encrypt on Ubuntu 20.04.
At Step 4 you run the Certbot software to obtain the SSL certificate and optionally add redirects to the Apache config files.
“Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access”.
I wasn’t sure if my WordPress installation was ready to fly yet without http, so I said no. I would check if https was working ok and do the Apache redirects myself later. As it turned out I didn’t have to do the redirects manually. If you run Certbot again (you may as well install a new certificate) then say yes to the question about redirects.
The https installation worked but afterwards I noticed that the WordPress Site Health plugin was complaining about a few things, including:
- The REST API encountered an error
- Your site could not complete a loopback request
I spent a lot of time googling this problem. It is a common problem with many possible causes and fixes, none of which worked.
The second problem I noticed was that https was working from within my home network but not from outside. I assumed this problem related to the changes I had made to ufw and I spent far too long editing that. I also thought that Certbot may have mucked up my Apache config files. But of course neither problem had anything to do with Certbot or the tutorial. Eventually I realized I had forgotten to open up port 443 on my home router! This instantly solved both problems.