OK, assuming you have the following stack of providers:
- Namecheap for registration of your domain name of
- Digital Ocean for running your droplet with the WordPress installation at
- Digital Ocean for the DNS service for
Then this is how you configure things to work with SSL and everything else loaded:
- Go to Namecheap and point
- At Digital Ocean, find the Network section and add the domain new.com and make the A record point to the droplet running
- Now in host.com/wp-admin, you need to add a New Site and give it the URL https://new.com. This will configure the web server properly.
- At this point you should have non-SSL access to your site, and you should be able to browse to http://new.com and see something.
OK, so now what to do? This is pretty unintuitive: you need SSH access to the droplet, so `ssh email@example.com` and then run:
- `certbot` is the system that connects to Let’s Encrypt. It will detect that you have this site; if there are multiples, it will ask you about both new.com and www.new.com.
- It will ask you if you want to always use SSL, which you do.
Once this is done, it automatically gives you a free SSL certificate and will renew that certificate every month or so.
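To confirm that the certificate certbot obtained covers both new.com and www.new.com and is not close to expiry, a check like the following can be run from any machine. It is an added example, not part of the original post; the function names, the 14-day threshold and the sample certificate dictionaries are constructed for illustration.

```python
import socket
import ssl
import time

def fetch_cert(host, port=443, timeout=5.0):
    """Fetch the validated peer certificate (needs network; not run in the demo)."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def name_matches(pattern, host):
    """Exact match, or a wildcard covering exactly one left-most label."""
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def audit_cert(cert, required_hosts, now=None, min_days=14):
    """Report which required hosts the SAN list misses and the days until expiry."""
    now = time.time() if now is None else now
    sans = {v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"}
    missing = [h for h in required_hosts
               if not any(name_matches(p, h.lower()) for p in sans)]
    days_left = int((ssl.cert_time_to_seconds(cert["notAfter"]) - now) // 86400)
    return {"missing": missing, "days_left": days_left,
            "ok": not missing and days_left >= min_days}

# Constructed sample data in the shape returned by SSLSocket.getpeercert().
HOSTS = ["new.com", "www.new.com"]
BOTH_NAMES = {"subjectAltName": (("DNS", "new.com"), ("DNS", "www.new.com")),
              "notAfter": "Jun  1 12:00:00 2025 GMT"}
APEX_ONLY = {"subjectAltName": (("DNS", "new.com"),),
             "notAfter": "Jun  1 12:00:00 2025 GMT"}
SAMPLE_NOW = ssl.cert_time_to_seconds("Apr  2 12:00:00 2025 GMT")

if __name__ == "__main__":
    for label, cert in (("both names", BOTH_NAMES), ("apex only", APEX_ONLY)):
        print(label, audit_cert(cert, HOSTS, now=SAMPLE_NOW))
    # Live check once DNS has propagated: audit_cert(fetch_cert("new.com"), HOSTS)
```

A certificate that lists only the apex name shows up with `www.new.com` under `missing`, which is the case where browsers reject the www host even though the bare domain loads over HTTPS.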
Now the next step is getting mail working. Assuming that you are using G Suite, this is pretty simple:
- The big trick is that you go to gsuite.com and make sure you choose to add an “Add-on” domain and not a domain alias. A domain alias is for those cases where you change the name of your company and you want everyone to go from firstname.lastname@example.org to email@example.com.
- In this case, you just want to add a few names and control them, so add-on is appropriate. The next step is to verify that you control the domain. Some have direct OAuth, but if not, then the easiest way is to add a new TXT record with a GUID that Google will give you.
- Then you have to wait up to seven days for the record to propagate. This has been as fast as five minutes and as long as 12 hours for me.
- Once this is done, you can go back to Digital Ocean and choose to add an MX record; there is actually a button to add Google MX records because it is so common.
- At this point you are routing mail too, but it will take time for the records to propagate. Use https://Mxlookup.com to see when this happens.
Borking WordPress.com is one problem. I did this when I skipped the certbot step, and then WordPress.com is completely confused. To fix this:
- Deactivate Jetpack at the network level and uninstall it
- Reinstall at the network level and enable all network-level things