Secure Joomla with Let’s Encrypt on Plesk

We recently explained how to put your Joomla site on HTTPS (SSL/TLS) using CloudFlare. If you like a bit more control over your certificates and DNS, you can also use Let’s Encrypt.

In this guide we’ll show you how to protect your site with Let’s Encrypt on Plesk hosting.

What is Let’s Encrypt?

Let’s Encrypt is an automated and open certificate authority that allows you to create free SSL certificate for your websites. All you need is a live domain to get started.

To work with Let’s Encrypt on Plesk, you can install the Let’s Encrypt extension to do all the heavy lifting for you.

Installation

This guide assumes you are in the Power User view. For more information on Views, refer to the Plesk documentation.

  1. Log into Plesk as an administrator.
  2. Go to the Extensions menu item.
  3. In the Extensions Catalog, search for Let’s Encrypt.
  4. Press the Install button.
Install Let's Encrypt extension.

Install Let’s Encrypt extension.

Install the certificate

Now we can request a certificate for our website:

  1. Go to Websites & Domains and find your website.
  2. Find the Let’s Encrypt menu item for that domain.
  3. Enter a valid e-mail address. This is used to send urgent notifications and for lost key recovery.
  4. If your domain is also available with the www subdomain, make sure to tick the box next to Include a “www” subdomain.
  5. Press the Install button.
Let's Encrypt configuration dialog.

Let’s Encrypt configuration dialog.

The extension will get to work in the background and ask Let’s Encrypt to verify your domain. When it’s finished, you will be redirected to the website overview.

Look for the green notification bar to confirm your certificate has been installed.

Confirmation message.

Confirmation message.

Enable SSL support

Finally, make sure SSL support for your site is enabled:

  1. Go to the Hosting Settings for your domain.
  2. Look for the Security section.
  3. Make sure the box next to SSL/TLS support is ticked.
  4. Double-check that the correct Let’s Encrypt certificate is selected.
  5. Save your settings.
Configure Let's Encrypt for this domain.

Configure Let’s Encrypt for this domain.

Configure Joomla

Now we only need to configure your Joomla site. We want to make sure it serves all pages and assets via SSL:

  1. Open up your Joomla administrator.
  2. Go to System » Global Configuration.
  3. Open the Server tab.
  4. Set the Force HTTPS option to Entire site.
  5. Browse to your website and test!
Joomla Global Configuration.

Joomla Global Configuration.

That’s it! You’ve taken an important step towards making the web browsing experience more secure and private for your users!

Need help?

Need help securing your website? Get in touch, we love to help out!

Up next

Joomlatools UI v0.1.0 released

Joomlatools UI is a user interface development kit that follows a number of timeless design principles and is build using modern tools and methodologies.

Read more →

Play videos with DOCman and FILEman - Sneak Peak

DOCman and FILEman 3.1 will support HTML5 audio/video streaming with a sleek media player.

Read more →

Joomlatools Connect 2.0 is here

Joomlatools Connect brings web services directly to your Joomla website

Read more →