Security

WordPress seems to be infamous for getting hacked all the time. The solution itself tends to get dismissed immediately in the eyes of an IT professional - it’s not an ’enterprise’ solution, or even a ‘professional’ one. Yet it’s still exceptionally popular and it’s so easy to get going, even if you don’t understand the technical intricacies.

This is a step by step guide on how to secure Ghost with nginx and Let’s Encrypt. This guide is part of the Deploy Ghost series and is split into three parts - Deploying, Securing, and Optimising. This is part two and once we’re done, we will have our Ghost blog running over HTTPS, with a good TLS and security header setup.