‹ Return to How tos

Configuring your WordPress instance to work with your Amazon Lightsail distribution

Last updated: April 14, 2023

In this guide, we show you how to configure your WordPress instance to work with your Amazon Lightsail distribution. To configure your WordPress instance to work with your distribution, determine if:

For more information about distributions, see Content delivery network distributions in Amazon Lightsail.

Configure your WordPress instance to work with your distribution using SSL/TLS termination

All Lightsail distributions have HTTPS enabled by default for their default domain (e.g., 123456abcdef.cloudfront.net). When you configure a WordPress instance that doesn't use HTTPS as the origin of your distribution, you can configure your distribution to terminate SSL/TLS and forward all content requests to your instance using an unencrypted connection. The connection between your website visitors and your distribution is encrypted (using HTTPS), and the connection between your distribution and your instance is un-encrypted (using HTTP only). This configuration is known as SSL/TLS termination. To enable this configuration, you must configure your distribution's origin protocol policy to HTTP only, which is the default configuration. For more information, see Origin protocol policy. You must also edit the WordPress configuration file (wp-config.php) in your instance to account for the TLS termination behavior from your distribution. If you don't make the required edits to the wp-config.php file in your instance, your website visitors might see an error or your website content might not be formatted correctly.

Complete the following procedure to edit the wp-config.php file in your WordPress instance for it to work with your distribution.

Note

We recommend that you create a snapshot of your WordPress instance before getting started with this procedure. The snapshot can be used as a backup from which you can create another instance in case something goes wrong. For more information, see Creating a snapshot of your Linux or Unix instance in Amazon Lightsail.

  1. Sign in to the Lightsail console.

  2. On the Lightsail home page, choose the browser-based SSH client icon that is displayed next to your WordPress instance.

  3. After you're connected to your instance, enter the following command to create a backup of the wp-config.php file. If something goes wrong, you can restore the file using the backup.

    sudo cp /opt/bitnami/wordpress/wp-config.php /opt/bitnami/wordpress/wp-config.php.backup
  4. Enter the following command to open the wp-config.php file using Vim.

    sudo vim /opt/bitnami/wordpress/wp-config.php
  5. Press I to enter insert mode in Vim.

  6. Delete the following lines of code in the file.

    define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/');
    define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');
  7. Add one of the following lines of code to the file depending on the version of WordPress that you're using:

    • If you're using version 3.3 or lower, add the following lines of code where you previously deleted the code.

      define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/');
      define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/');
      if (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'])
      && $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] === 'https') {
      $_SERVER['HTTPS'] = 'on';
      }
    • If you're using version 3.3.1-5 or higher, add the following lines of code where you previously deleted the code.

      define('WP_SITEURL', 'http://DOMAIN/');
      define('WP_HOME', 'http://DOMAIN/');
      if (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'])
      && $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] === 'https') {
      $_SERVER['HTTPS'] = 'on';
      }
  8. Press the Esc key to exit insert mode in Vim, then type :wq! and press Enter to save your edits (write) and quit Vim.

  9. Enter the following command to restart the Apache service on your instance.

    sudo /opt/bitnami/ctlscript.sh restart apache
  10. Wait a few moments for your the Apache service to restart, then test that your distribution is caching your content. For more information, see Testing your Amazon Lightsail distribution.

  11. If something went wrong, re-connect to your instance using the browser-based SSH client. Run the following command to restore the wp-config.php file using the backup you created earlier in this guide.

    sudo cp /opt/bitnami/wordpress/wp-config.php.backup /opt/bitnami/wordpress/wp-config.php

Configure your WordPress instance to work with your distribution using end-to-end encryption

All Lightsail distributions have HTTPS enabled by default for their default domain (e.g., 123456abcdef.cloudfront.net). When you configure a WordPress instance that uses HTTPS as the origin of your distribution, you can configure your distribution to forward all content requests to your instance using an encrypted connection. The connection between your website visitors and your distribution is encrypted (using HTTPS), and so is the connection between your distribution and your instance. This configuration is known as end-to-end encryption. To enable this configuration, you must configure your distribution's origin protocol policy to HTTPS only. For more information, see Origin protocol policy. If you don't configure your distribution's origin policy to HTTPS only, your website visitors will see an error.

Additional information about distributions

Here are some articles to help you manage distributions in Lightsail: