Question

CloudFlare SSL with WordPress Ubuntu LEMP

I have an SSL through cloudflare, and i have uploaded it to /var/ssl/ssl.pem and /var/ssl/ssl.key. I changed the folder permissions to chmod 700 /var/ssl.

I can access my site via http://165.227.182.40/ and http://aaronstone.io/ but not https://aaronstone.io/

sudo ufw status returns:


WARN: / is group writable!
Status: active

To                         Action      From
--                         ------      ----
22                         LIMIT       Anywhere
443                        ALLOW       Anywhere
80                         ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22 (v6)                    LIMIT       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

netstat -atn shows

Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:60484 127.0.0.1:3306 ESTABLISHED tcp 0 0 165.227.182.40:22 63.131.219.239:58963 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60484 ESTABLISHED tcp 0 316 165.227.182.40:22 63.131.219.239:58846 ESTABLISHED tcp 0 0 127.0.0.1:60486 127.0.0.1:3306 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60486 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN

My NginX config is as follows:

server {
    listen 80;
    listen [::]:80;

    # SSL configuration
    #
     listen 443 ssl;
     listen [::]:443 ssl;
         ssl_certificate /var/ssl/ssl.pem;
        ssl_certificate_key /var/ssl/ssl.key;

    root /var/www/html/;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name aaronstone.io www.aaronstone.io;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        #try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php$is_args$args;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
             location ~ \.php$ {
        include snippets/fastcgi-php.conf;

        # With php7.0-cgi alone:
        #fastcgi_pass 127.0.0.1:9000;
        # With php7.0-fpm:
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny all;
    }
    location ~ /.well-known {
        allow all;
    }
}


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

I had not symlinked my sites-available to sites-enabled

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.