Configuring your WordPress instance to work with your Amazon Lightsail distribution
Last updated: April 14, 2023
In this guide, we show you how to configure your WordPress instance to work with your Amazon Lightsail distribution. To configure your WordPress instance to work with your distribution, determine if:
Your WordPress website uses Hypertext Transfer Protocol (HTTP) only - If your website uses HTTP only, and is not configured to use HTTPS, then you must follow the instructions in the Configure your WordPress instance to work with your distribution using SSL/TLS termination section of this guide.
Your WordPress website uses Hypertext Transfer Protocol Secure (HTTPS) - If your website is configured to use HTTPS, then you must follow the instructions in the Configure your WordPress instance to work with your distribution using end-to-end encryption section of this guide. If you want to configure your WordPress website to use HTTPS, then see Tutorial: Using Let’s Encrypt SSL certificates with your WordPress instance in Amazon Lightsail.
For more information about distributions, see Content delivery network distributions in Amazon Lightsail.
Configure your WordPress instance to work with your distribution using SSL/TLS termination
All Lightsail distributions have HTTPS enabled by default for their default domain
(e.g., 123456abcdef.cloudfront.net
). When you configure a WordPress instance that
doesn't use HTTPS as the origin of your distribution, you can configure your distribution to
terminate SSL/TLS and forward all content requests to your instance using an unencrypted
connection. The connection between your website visitors and your distribution is encrypted
(using HTTPS), and the connection between your distribution and your instance is un-encrypted
(using HTTP only). This configuration is known as SSL/TLS termination. To enable this
configuration, you must configure your distribution's origin protocol policy to HTTP
only, which is the default configuration. For more information, see Origin protocol policy. You must also edit the WordPress configuration file
(wp-config.php
) in your instance to account for the TLS termination behavior
from your distribution. If you don't make the required edits to the wp-config.php
file in your instance, your website visitors might see an error or your website content might
not be formatted correctly.
Complete the following procedure to edit the wp-config.php
file in your
WordPress instance for it to work with your distribution.
Note
We recommend that you create a snapshot of your WordPress instance before getting started with this procedure. The snapshot can be used as a backup from which you can create another instance in case something goes wrong. For more information, see Creating a snapshot of your Linux or Unix instance in Amazon Lightsail.
Sign in to the Lightsail console.
On the Lightsail home page, choose the browser-based SSH client icon that is displayed next to your WordPress instance.
After you're connected to your instance, enter the following command to create a backup of the
wp-config.php
file. If something goes wrong, you can restore the file using the backup.sudo cp /opt/bitnami/wordpress/wp-config.php /opt/bitnami/wordpress/wp-config.php.backup
Enter the following command to open the
wp-config.php
file using Vim.sudo vim /opt/bitnami/wordpress/wp-config.php
Press
I
to enter insert mode in Vim.Delete the following lines of code in the file.
define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/'); define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');
Add one of the following lines of code to the file depending on the version of WordPress that you're using:
If you're using version 3.3 or lower, add the following lines of code where you previously deleted the code.
define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/'); define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/'); if (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] === 'https') { $_SERVER['HTTPS'] = 'on'; }
If you're using version 3.3.1-5 or higher, add the following lines of code where you previously deleted the code.
define('WP_SITEURL', 'http://DOMAIN/'); define('WP_HOME', 'http://DOMAIN/'); if (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] === 'https') { $_SERVER['HTTPS'] = 'on'; }
Press the Esc key to exit insert mode in Vim, then type
:wq!
and press Enter to save your edits (write) and quit Vim.Enter the following command to restart the Apache service on your instance.
sudo /opt/bitnami/ctlscript.sh restart apache
Wait a few moments for your the Apache service to restart, then test that your distribution is caching your content. For more information, see Testing your Amazon Lightsail distribution.
If something went wrong, re-connect to your instance using the browser-based SSH client. Run the following command to restore the
wp-config.php
file using the backup you created earlier in this guide.sudo cp /opt/bitnami/wordpress/wp-config.php.backup /opt/bitnami/wordpress/wp-config.php
Configure your WordPress instance to work with your distribution using end-to-end encryption
All Lightsail distributions have HTTPS enabled by default for their default domain
(e.g., 123456abcdef.cloudfront.net
). When you configure a WordPress instance that
uses HTTPS as the origin of your distribution, you can configure your distribution to forward
all content requests to your instance using an encrypted connection. The connection between
your website visitors and your distribution is encrypted (using HTTPS), and so is the
connection between your distribution and your instance. This configuration is known as
end-to-end encryption. To enable this configuration, you must configure your distribution's
origin protocol policy to HTTPS only. For more information, see Origin protocol policy. If you don't configure your distribution's origin policy to
HTTPS only, your website visitors will see an error.
Additional information about distributions
Here are some articles to help you manage distributions in Lightsail:
Understanding request and response behaviors of an Amazon Lightsail distribution
Configuring your WordPress instance to work with your Amazon Lightsail distribution
Changing the caching behavior of your Amazon Lightsail distribution
Enabling custom domains for your Amazon Lightsail distributions
Pointing your domains to your Amazon Lightsail distributions
Changing custom domains for your Amazon Lightsail distribution
Disabling custom domains for your Amazon Lightsail distributions
Creating SSL/TLS certificates for your Amazon Lightsail distribution
Validating SSL/TLS certificates for your Amazon Lightsail distribution
Viewing SSL/TLS certificates for your Amazon Lightsail distribution
Deleting SSL/TLS certificates for your Amazon Lightsail distribution