Setting up Wordpress on Raspberry Pi 4 (raspbian buster) using Cloudflare,NGINX - Part 1


Things you need before getting started are
  • A Router 
  • Raspberry pi 4 or any other Raspberry pi with Raspbian Buster installed
  • A Domain name registered in any famous domain company

Lets get started,click on the link below to sign up for Cloudflare.
Type in your email address and click Create Account.
Once the account is created and you’ve verified your email address and logged back into Cloudflare account, click the button or link (Add a Site) to add a site to your account.
Next, type in the domain name you have registered. Cloudflare service will help speed up and protect the site you add.
Next, Cloudflare will begin to query your domain DNS provider for the records in the DNS table.If the domain is online, Cloudflare should find it and import the records into your Cloudflare account.
After that, select the plan you want to use for the site.For this tutorial, we’re going to be using Cloudflare free plan…
When you’re done, you should see two nameservers provided to you by Cloudflare.What you need to do is logon to your domain provider’s portal. where you have your domain and replace the nameservers with the ones Cloudflare gives you.
For example, our example.com site is hosted with Bigrock.Hence, update name servers


Once you’ve saved your custom nameservers changes,  go back to your Cloudflare account and wait for Cloudflare to see the changes.Depending on your domain provider, it make take up to an hour for Cloudflare to be visible.
Once all is ready, you’ll see your site status as Active..
When everything is done, you should also see your Cloudflare account with DNS entries as shown below.Your DNS records might have more entries then the two below.. but these two are the most important for running your website.
Now, check your public ip in the raspberry pi and update that ip into dns record of example.com
and also enable port forwarding of your internal raspberry pi ip address(192.168.1.6 in my case) by logging into your router.(192.168.1.1 general log in )
This can be found my hovering your mouse on raspberry pi wifi connection too.

After that, click on Crypto tab and choose to enable Full (strict) SSL.This should turn on SSL for the site.
Still under Crypto tab, scroll down to Origin Certificates. Then click the button to create certificate.
Use the free TLS certificate signed by Cloudflare to install on your origin server. Origin Certificates are only valid for encryption between Cloudflare and your origin server.
choose to Let Cloudflare generate a private key and a CSR for the domain. Click Next
Then copy a paste these into a text file on onto your server.
run the commands below to create the key, certificate and origin pull files… Copy and paste each content into the respective file.. and save..
For the key file… run this, then copy and paste the key into the file and save…
sudo nano /etc/ssl/private/cloudflare_example.com.pem
For the certificate file, run this and copy and paste the certificate content into the file and save…
sudo /etc/ssl/certs/cloudflare_example.com.pem
You’ll also want to download Cloudflare Origin Pull certificate… You can download that from the link below:
Run th commands below to download it..
After that, you should have three files.. The server key, server certificate and theorigin-pull certificate..
We will use these file in Nginx config below
After saving the key, certificate and origin pull certificates files… continue below..
Still, under, Crypto enable Always use HTTPS and you may also change settings for HSTS but not necessary…
Next, turn on Authenticated Origin Pulls and Opportunistic Encryption, and continue..
Then, turn on Automatic HTTPS Rewrites and continue..
Next, move to the Speed tab, tune on Auto Minify for JavaScript, CSS and HTML.. and continue
Next, move to the Page Rules tab… then create a new rule for the site.. then type URL and choose Always Use HTTPS
http://* example.com/*
Alwyas Use HTTPS

Save your settings and you’re done with setting up Cloudflare.

Let's continue on part 2

Post a Comment

0 Comments