<li>With HTTPS, users' ISPs cannot snoop on what they are looking at on your website.
They know that they have connected, but the particular pages they visit are private as everything is encrypted. HTTPS increases user privacy.</li>
<li>If you later create usernames and passwords for any service on your site, lack of encryption can compromise that private data! Most well-designed software will automatically <em>prevent</em> any unencrypted connections over the internet.</li>
<li>Search engines like Google favor pages with HTTPS over unencrypted HTTP.</li>
<li>You get the official-looking green 🔒 symbol in the URL bar in most browsers which makes normies subtly trust your site more.</li>
</ul>
<h2>Let's do it!</h2>
<imgsrc=pix/nginx-website.png>
<p>Note in this picture that a browser accessing your site will say "Not secure" or something else to notify you that we are using and unencrypted HTTP connection rather than an encrypted HTTPS one.</p>
<p>And this will install <code>certbot</code> and its module for <code>nginx</code>.</p>
<h2>Run</h2>
<p>
As I mentioned in the previous article, firewalls might interfere with certbot, so you will want to either disable your firewall or at least ensure that it allows connections on ports 80 and 443:
It will take a moment to create the certificate, but afterwards, you will be asked if you want to automatically redirect all connections to be encrypted.
<p>You should now be able to go to your website and see that there is a lock icon or some other notification that you are now on an encrypted connection.</p>
<imgsrc=pix/certbot-03.png>
<h2>Setting up certificate renewal</h2>
<p>
As I mentioned in passing, the Certbot certificates last for 3 months.
To renew certificates, you just have to run <code>certbot --nginx renew</code> and it will renew any certificates close to expiry.
</p>
<p>
Of course, you don't want to have to remember to log in to renew them every three months, so it's easy to tell the server to automatically run this command.
<footer><ahref="https://landchad.net">LandChad.net</a></br>Because Everyone should be an Internet LandChad.</br><ahref="index.html"><li><imgsrc="pix/chad.gif"alt="chad"></li></a><ahref="rss.xml"><li><imgsrc="pix/rss.svg"alt="RSS"></li></a><ahref="pix/btc.png"><li><imgsrc="pix/btc.svg"alt="BTC"></li></a><ahref="pix/xmr.png"><li><imgsrc="pix/xmr.svg"alt="XMR"></li></a><ahref="https://github.com/lukesmithxyz/landchad"><li><imgsrc="pix/git.svg"alt="Github"></li></a></footer>