[Solved] No AutoSSL on Ricky?

[esn024]

According to the Wiki, Ricky is supposed to have free AutoSSL support, but I only see the option to "purchase" certificates in my cpanel.

 

I've been using the 90 day Let's encrypt certs so far, but I haven't stayed on top of renewing them. I'd like to get AutoSSL working if possible.

[Flaze]

It should renew by itself, I don't think older cPanel versions (which Ricky use) have that AutoSSL feature built into the panel.

[esn024]

Hi flapeze,

How do I set it up? My website has no SSL certificate attached to it right now (other than an expired one)... and only showed one when I set it up manually (without autorenew) using let's encrypt.

Edited December 28, 2020 by esn024

[OnEnemy]

Hi flapeze,

How do I set it up? My website has no SSL certificate attached to it right now (other than an expired one)... and only showed one when I set it up manually (without autorenew) using let's encrypt.

Again, like he said, it will work by itself. Try removing all certs from Ricky and give it 24 hours to do its thing.

[esn024]

I am removing all information associated with the old expired certificate - including the private key. Do I have to generate a new private key through cpanel, or do I just leave everything blank?

[OnEnemy]

Leave everything blank for now, and if nothing happens in 24 hours, then start adding stuff, little by little, starting with private key.

[wolstech]

It will never install a certificate for him because he forced SSL in .htaccess (AutoSSL requires the site be able to accept a plain HTTP connection). I deleted his htaccess file and it immediately issued a cert. If he really wants to require SSL, either exceptions need to be included to make AutoSSL work properly, or he can do it in PHP instead.

 

I see the cert in his cPanel now as well, so as soon as Apache restarts this should work for him (he may need to clear his cache).

 

Also, word of advice: Dump WordPress. If there's any one program that will run terribly and get you suspended, it's WP. Literally any other product is better.

[esn024]

Thank you wolstech! I'm so glad not to have that headache any more! ...and I AM looking into getting rid of wordpress (it is broken right now anyway, as you can obviously see), though it might take me a bit of time to set up something with the features I'm looking for.

 

Is the suspension risk if it gets compromised, or is there something else I should be aware of?

[OnEnemy]

Thank you wolstech! I'm so glad not to have that headache any more! ...and I AM looking into getting rid of wordpress (it is broken right now anyway, as you can obviously see), though it might take me a bit of time to set up something with the features I'm looking for.

 

Is the suspension risk if it gets compromised, or is there something else I should be aware of?

It can be hacked easily by theme/plugin devs and it causes a lot of load, for no reason at all.

[wolstech]

Yep. Krydos has posted numbers on here before...we had a site running something else pushing thousands of views and causing virtually no load, while a comparable WP site caused more load in like 5 page views than the first one did with its thousands.

 

We also see WP get suspended when it isn't even being used (things like it's cron can get it suspended).