Secure Joomla with Let’s Encrypt on WHM/cPanel

We've already covered how to protect your Joomla site with HTTPS (SSL/TLS) using CloudFlare and Let's Encrypt on Plesk. This week we'll guide you through the steps to protect your site using Let's Encrypt on the WHM/cPanel hosting platform.

Let's Encrypt is an automated and open certificate authority that allows you to create free SSL certificates for your websites. All you need is a live domain to get started.

Fortunately, cPanel comes bundled with a Let's Encrypt plugin for the AutoSSL feature.

Installation

Before you can use the Let's Encrypt plugin, you need to install it. Make sure you are running cPanel & WHM version 58.0.17 or higher.

  1. Log in to your WHM/cPanel server via SSH as the root user.
  2. Execute the following command to install the plugin:

    /scripts/install_lets_encrypt_autossl_provider
    
  3. Log in to WHM and go to the AutoSSL feature via Home > SSL/TLS > Manage AutoSSL.

  4. In the list of AutoSSL Providers you'll now see Let's Encrypt listed. Select it and check the Terms of Service checkboxes.
  5. Press the Save button.

AutoSSL configuration

Install the certificate

Now we can request a certificate for your website. The AutoSSL feature needs to be enabled per user. Once enabled, it will automatically request certificates for every domain the user owns.

  1. Open the Manage Users tab on the same Manage AutoSSL page.
  2. Find the user you want to enable the feature for.
  3. In the Toggle AutoSSL column, select Enable AutoSSL for the user.
  4. Press the Check "user" button in the Run AutoSSL Check column to request a certificate.

AutoSSL user management

The AutoSSL feature will ask Let's Encrypt to verify your domain and issue a new certificate. From that point on, AutoSSL will make sure to renew your certificate when it's about to expire.

To verify everything worked OK, you can take a look at the Logs tab to inspect the results.

Configure Joomla

All that's left is to configure your Joomla site. We want to make sure it serves all pages and assets over HTTPS:

  1. Open up your Joomla administrator.
  2. Go to System » Global Configuration.
  3. Open the Server tab.
  4. Set the Force HTTPS option to Entire site.
  5. Browse to your website and test!

Joomla Global Configuration

That’s it! Your website is now securely serving content to your visitors!

It's important to note that Let's Encrypt imposes some rate and domain limits. More background can be found in the AutoSSL documentation.
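
To confirm the result from outside the server, the following added example (not part of the original article or of cPanel) checks that the site presents a valid certificate issued by Let's Encrypt, that it is not close to expiry, and that plain HTTP requests are redirected to HTTPS by the Force HTTPS setting. The function names, the 14-day threshold and the sample certificate are assumptions made for this example.

```python
import http.client
import socket
import ssl
import sys
from datetime import datetime, timezone

# Constructed sample in ssl.getpeercert() format (not a real certificate).
SAMPLE_CERT = {"notAfter": "Mar 31 12:00:00 2025 GMT",
               "issuer": ((("organizationName", "Let's Encrypt"),), (("commonName", "constructed-ca"),))}

def fetch_cert(host, port=443, timeout=10):
    """Return the peer certificate; raises ssl.SSLError if the chain or hostname does not validate."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock, \
            ctx.wrap_socket(sock, server_hostname=host) as tls:
        return tls.getpeercert()

def summarize_cert(cert, now=None):
    """Extract the issuer organization and the days until expiry from a getpeercert() dict."""
    now = now or datetime.now(timezone.utc)
    issuer = {key: value for rdn in cert["issuer"] for key, value in rdn}
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    return {"issuer_org": issuer.get("organizationName"), "days_left": (expires - now).days}

def is_https_redirect(status, location):
    """True when a plain-HTTP response redirects the visitor to an https:// URL."""
    return status in (301, 302, 303, 307, 308) and (location or "").lower().startswith("https://")

def find_problems(summary, redirect_ok, min_days=14):
    """min_days is an assumed alert threshold, not a cPanel or Let's Encrypt setting."""
    problems = []
    if summary["issuer_org"] != "Let's Encrypt":
        problems.append("certificate was not issued by Let's Encrypt")
    if summary["days_left"] < min_days:
        problems.append("certificate expires in %d days; check the AutoSSL Logs tab" % summary["days_left"])
    if not redirect_ok:
        problems.append("http:// is not redirected to https://; check Joomla's Force HTTPS option")
    return problems

def check_site(host):
    summary = summarize_cert(fetch_cert(host))
    conn = http.client.HTTPConnection(host, 80, timeout=10)
    conn.request("GET", "/")
    resp = conn.getresponse()
    redirect_ok = is_https_redirect(resp.status, resp.getheader("Location"))
    conn.close()
    return find_problems(summary, redirect_ok)

if __name__ == "__main__":  # usage: python check_site.py your-domain.example
    sys.exit("\n".join(check_site(sys.argv[1])) or 0)
```

Run it with your own domain as the only argument; it exits with status 0 when all three checks pass and prints the failed checks otherwise.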