Using Let’s Encrypt with DreamPress

There is a lot more interest in encrypting web traffic these days. In the past, web encryption was primarily used only in e-commerce, to protect shoppers’ personal card information, and logging into web applications. No longer. There are now a number of additional benefits to using web encryption on your domain.

Encrypting web traffic gives your visitors more privacy. This is increasingly important to many Internet visitors, concerned about identity theft and illegal spying. It builds trust for your brand, demonstrating your awareness and care for those matters.

Another huge benefit of web encryption is it improves your search engine rankings. Google now rewards websites that support encrypted traffic by giving them higher search engine results (everything else being equal). 

To add encryption to your website, you need to add a TLS/SSL certificate to your domain. TLS is the new name for SSL and stands for Transport Layer Security. A TLS certificate uses an encryption key that is available only to the web server and browser during a specific communication session. This means no one else can view the information being exchanged between the browser and the server. TLS also guarantees to the browser that it is talking to the right web server and not some criminal site masquerading as the intended server.

There are two primary reasons why TLS/SSL was not used as much in the past. One was the cost to acquire a certificate. The other was the performance impact to encrypt and decrypt each message.  

The first reason is no longer an issue. Let’s Encrypt is a new certificate authority that will issue a TLS certificate to you, the domain owner, FREE of charge. Let’s Encrypt has a mission to secure the web by offering free secure certificates to anyone who owns a domain.

We’re excited to announce that starting today we’re pre-installing a Let’s Encrypt certificate on every new DreamPress managed WordPress hosting service! That’s right, every new DreamPress hosting service will get Let’s Encrypt pre-installed on their domain. Privacy and security is taken very seriously at DreamHost, and we want to help our customers take advantage of the great new (and free) service that Let’s Encrypt provides.

But what about the second issue? Doesn’t adding TLS to your web server slow down your website’s response time? Yes, it can. It does take time to encrypt and decrypt each message. To help mitigate this, we are adding NGINX, an ultrafast web server, to front end all HTTPS traffic for your DreamPress-powered WordPress website so that the extra time to encrypt your traffic is minimized. NGINX is significantly faster than Apache—it can handle a lot of connections at the same time (Apache has limits), and it adds a number of other advanced features that make it a great solution for handling HTTPS traffic efficiently. One of the biggest is our added support for HTTP/2. HTTP/2 provides faster communications through binary support, non-blocking multiplexed traffic and header compression. This also speeds up TLS/SSL communications to minimize overall performance impact.

That’s great, but what about existing DreamPress and other DreamHost hosting customers? Good news, it’s very easy to install a Let’s Encrypt certificate—including for WordPress websites.

Adding TLS/SSL support to your website can be done through the Secure Hosting page in the DreamHost panel. Here are the steps to set it up:

1. Go to Domains > Secure Hosting page.
2. Select the certificate you want to use, then choose Let’s Encrypt.
3. In the Add Secure Hosting page, select the domain of your DreamPress or other hosting service.
4. Click the checkbox, then the Add Now! button. That’s it.

If you’re a WordPress user, once you’ve set up the certificate in the panel, you’ll need to make a few changes in the WordPress dashboard:

1. On the Settings > General page, change your Site Address (URL) and WordPress Address (URL) by updating the beginning of your URL in both fields from “http” to “https”. Then click Save.
2. Your existing content and media will still point to HTTP, so it is necessary to update all of your site links. The easiest way to do that is to install a plugin like WordPress HTTPS (there are others in the WordPress plugin repository that do the same), which will force all your site links to use HTTPS no matter what.

Now you have a WordPress website with the ability to support private communications between your web server and your visitor’s browsers! And you get to take advantage of the benefits of NGINX and HTTP/2 as well!

Let’s Encrypt is changing the face of the Internet. Get a FREE secure web certificate today if you don’t already have a one! DreamHost makes it easy.