How to add SSL to Your Site Running WordPress with on Shared Hosting with cPanel

I’ve spent a while banging my head against this, so I thought I would share since I didn’t see any other place online that had everything I needed to know in one place.

I run a few other sites that require SSL for running credit card transactions or that form submissions be secure.

In the past, I’ve gone with paying for SSL certificates, but the new player in town, Let’s Encrypt, is free and automated, so once I have things set up, I don’t have to worry about renewing a certificate again and I can get it for free.

I’m running these sites on shared hosting plans that I have shell access to, so that will be a requirement for you if you want to play along too.

First, in order to get the easiest setup possible, I went with for a client.  Most importantly, it doesn’t require root access and you can download it to pretty much whatever shared hosting you are on.  It’s quite easy to download into a directory on the server using git or downloading and unzipping a tarball. I don’t pipe scripts directly to the shell like they recommend.  YMMV.

Second, like most hosting providers, I have cPanel access as well and there are some SSL certificates managed there for all of my websites. has a handy little interface to do all of the work for you of installing the certificate in the right place.

Once you’ve got those two things, the setup is pretty simple as long as you do a couple of checks first since and Let’s Encrypt are pretty particular about how they want things set up.  First, check your umask for your server.  Mine was set a little more securely than usual and wasn’t allowing the web server to read the files generated by

$ umask

If that’s the case for you, I recommend the standard Linux umask of 022, which gives read execute permissions to files for users and groups.  That did the trick for me.

$ umask 022

Now issue the certificate

$ --issue -d -w /home/username/public_html/

One snag you may also run into is that you don’t have an .htaccess file for a new directory that gets set up.  In our example above, you’ll get a new directory created under /home/username/public_html/ where you’ll see a bunch of files getting created, but you might be getting a message that you don’t have permissions to view these files.  This is because the .htaccess file from WordPress is telling the server that this folder shouldn’t be accessed.

The solution is to add a new .htaccess file into this newly created folder and add in access rules that allow your server to serve these temporary validation files for Let’s Encrypt.  You’ll need to modify the file path, but the .htaccess that gets created says to turn off the rewrite engine for this folder and allow any queries to succeed.  This supersedes the .htaccess from the WordPress installation, so should work.

$ cat > /home/username/public_html/ <<'EOF'
<IfModule mod_rewrite.c>
 RewriteEngine off
Satisfy any

If all of this works, you should get a success message from and you’ll have a valid certificate!

Next, you’ll need to install that certificate.  Fortunately, has made this very easy recently.  First, set your username so that you’ll be able to deploy to the right account.

$ export DEPLOY_cPanel_USER=username

Next, deploy using the cPanel API that most hosts have enabled.

$ --deploy --deploy-hook cpanel_uapi --domain EXAMPLE.COM

There are some extra instructions on this page if you are doing multiple domains or other advanced things.

Finally, check that there’s a cron job set up so that your certs will automatically renew.  If not, create that yourself through cPanel or using the shell.

$ crontab -l

56 0 * * * "/home/USERNAME/"/ --cron --home "/home/USERNAME/" > /dev/null

That’s it.  Once this is done, you’ll be able to repeat this for each domain and have things set up nicely.

Good luck!

Agile Health

In my new company (stealth for the next few months while we finish our 2nd beta with over 1000 users), we get lots of questions from users, investors, partners, and the like about what we do.

One user stuck out by saying we were an “agile” health company and that’s what they liked about it. I never considered us to be agile, at least on the front end. Certainly, on our dev teams we do stuff like XP, TDD, etc. with all the associated tools, but I never considered that our user experience itself was agile until this user brought it up.

See, we think the health industry is backwards. You have to come up with THE ONE diet that will work for you. Trouble with that is, which one do you choose? One diet may work with some of your friends, another one with others. One diet that worked for you might literally kill someone else. Clearly, this is a terrible situation. It requires that you become an expert in no less than 5 major fields of medicine, training, psychology, and more. Who has time for that?

So we went back to the drawing board. What’s the simplest thing that could work? How can we value people over programs? How can we respond to change? How can we even create it reliably in the first place? We wanted real results, not theory. What I didn’t realize at the time, was that it sounded awfully close to the agile manifesto.

So we became experts. We consulted them, brought them on board, and learned everything we could. Now we can take anyone and get them results customized to them. 1000 people, 1000 different plans, 1000 cases of actual, measurable and remarkable results.

One size fits all is over. I’m so excited to release this to the world. I can’t wait for you all to see it. Updates coming soon.

New Gig, Old Hat

I’m newly the CTO of a new startup company.  Our CEO has cracked the code for metabolic health.  No more cookie cutter stuff, no more outdated old-wives’-tale diets.  Good science, good technology, and great results.  The best part?  It’s all in software.

Of course, I’ll be looking to expand my team soon, so if anyone is interested in changing an entire industry with us (yes, this truly will be “disruptive”) you should drop me a line.   ThoughtWorkers given priority access.

Hiatus is Over

I took a break from blogging for a while.  It’s time to come back.  I’ve been working hard behind the scenes of some major companies with some amazing people.  It’s time to show off some of my work.

The Importance of Good Tools

I saw a review today of a blender that struck me as an important reminder in having good tools.

One day at Costco my wife and I were going past one of those product demos where a salesman wearing a headset a-la-Madonna was showing off a blender. As we stood and watched I commented to my wife about how all of these people were just waiting to try a smoothie, and that there was no way this guy was going to get one of these suckers to pay $350 for a blender. A BLENDER. But who walked out with one? You guessed it.

Well, we also bought it because the guy reminded us about Costco’s liberal return policy. So for the next month, we used it…and used it…and used it. Each time, I’m thinking, $350 for a blender! But man, this thing is an incredible MACHINE. It made short work of blending anything and everything we’ve ever put into it.

First, most likely a great sales job from the sales rep. Did you know that they are outside vendors and not Costco employees? The thing that clenched it for the gentleman was Costco’s return policy. I use a guarantee every day in my online marketing efforts and in my hypnotherapy practice. Having essentially no risk is comforting for people and generates huge amounts of sales.

Second, this man is like most people when confronted with a great tool without having any knowledge about why they need it yet. They don’t see the benefits of owning a great piece of equipment to do a job. A superior programming language, a better saw, a maintenance-free computer, a great car, and yes, even a great blender, can enhance your experience and make the work you do with it amazing.

We use it every single day, often multiple times. Some times it is only for simple little chores that could have been done with a lower powered tool, like mixing up a mocha, but this thing is quiet on low speeds, and a barracuda at high speeds. I once believed that a blender only needed two speeds: off and high, because that’s pretty much all anyone ever uses, but I’ve changed after using the 10 variable speeds on the Vitamix.

This is a common reaction from someone who discovers nuance in their tools and work. It is at this level of mastery of a task and tool that fine distinctions of 10 different speeds come in handy. Only a few short days before, he couldn’t distinguish that level of precision and why he would use it.

Ultimately, I decided that though it’s $350 when you use something EVERY day, usually multiple times a day, and that tool works really, really well and you actually enjoy using it, it’s probably worth it. My previous $45 blender that I once thought was pretty good now sits gathering dust. I’m spoiled now.

People often wonder why experts buy such high quality tools when many times a simple one will do the work, but this gentleman has nailed it. When you use something that often, you notice things others don’t. It’s not about being spoiled though, it’s about having the distinctions of quality that come with continued use of a tool. A $45 blender isn’t bad, per se, but it just doesn’t have the range of use in the skilled hands of a user.

I have hesitated to send in this review because of it’s considerable expense, but it truly has been one of the most quintessentially cool tools that we’ve bought. I think anyone who uses a blender regularly, or might, will find this to be the best blender they ever own. Well worth the savings in time and grief over the less powerful, less tough brands.

And there we have it, savings in time and grief. My time is worth considerably more than what I pay for good tools. The best of tools only make you better at what you do, saving you time (money) and grief (time, or money).

So where does this leave us? Pay extra attention to your most important work. Things that you do often, things that cause you joy, things that give you the most out of your day. Then look at the tools you use to do that work, nay art. Could they be improved? Is there something out there you know is better? If there is, seek it out and try it for a while. ASK for a liberal return policy or some other type of guarantee if there isn’t one already. The best tools and people stand by their work. They give you a guarantee not because they fear things will break, but because sometimes it’s the only way to get people over their own fears and give the best a try, changing them forever. It’s a high mark to hit, but only the best ever get there anyway. Take the leap, get good tools for the work you do.

Fly First Class Like You Deserve

I spent years on the road and figured out many of these tricks on my own and even learned some new ones. For all of my friends still on the road, use these tricks to help yourself get a comfortable ride. You owe it to yourself to spend 5 minutes watching what took me weeks and months to learn from all sorts of different sources.

Using these tricks (along with flying to work), I racked up enough miles to have a week long vacation (hotel and airfare) every 2 months, for free, pretty much anywhere in the world. I’m STILL using points 2 years later to fly around the world and stay in great hotels for next to nothing.

Pretend You Are Leaving Tomorrow

Jonathan Rasmusson wrote a great post reminding us to Pretend you are going to be there forever.  His post is really great for contractors who mostly just come and go.

What works equally well is to pretend you are leaving tomorrow.  It’s a great exercise if you really do think you’ll be at your company for a long time and will have to maintain the software you create.  If you’re leaving tomorrow, what would you fix, document, clean up, or write tests for?  Who would you be nice to? We used to call this the “Hit by a bus” effect, but some people liked to use “the lottery winner” effect as the name. It really helped people get that they had to maintain their systems better and not become bottlenecks and share information.

Let’s see if we can make it a bit more general so that everyone can use it.

“Invert, always invert.” — Carl Gustav Jacob Jacobi

If you haven’t heard of Jacobi, you should check him out. Anyway, basically, all you have to do is think of the opposite of whatever position you are in. Have lots of time? Now pretend you have little. Have lots of people? What if you only had a few? Have only a little money? What if you had a lot? Stretching the constraints in your projects can really help you see new solutions. It’s helped me solve problems countless times for myself and my clients.

Are There Bones In Your Fish?

I went to lunch today to a nice restaurant in town and got something I have never had before: a salmon burrito. The meal tasted pretty good and I was having a good time with friends when I felt a small bone in my mouth, so I took it out. I thought to myself, “Well, it was an honest mistake, no big deal.” A few minutes later, I bit into another small bone. That was it. I was done with my meal. The important part though, is that I was done with the restaurant, probably for life. From two bones.

How often do you think about the basics? If you’re not executing perfectly on the basics, how can you expect to be executing at any higher level? Two bones in my burrito and you lose me as a customer for life. That’s potentially thousands of dollars. You might lose other customers at just one. Those bones just became pretty damn expensive for you. Quality is not just free, it’s money in the bank.

Of course, I’m not just talking about burritos and bones here. As your customers get more educated on what you do, they’ll begin to notice those bones. They’ve noticed them before, but just couldn’t pinpoint them. Now they can. What are you going to do?