Add local https compatibility

.env.example

@@ -24,13 +24,14 @@ MYSQL_PASSWORD=wordpress
 # For *.localhost domains, no /etc/hosts entry is needed on most systems
 WORDPRESS_HOSTNAME=wooco.localhost
 WORDPRESS_PORT=8000
+WORDPRESS_SSL_PORT=8443
 
 # WordPress Admin Configuration
 WP_ADMIN_USER=admin
 WP_ADMIN_PASSWORD=admin123
 WP_ADMIN_EMAIL=admin@example.local
 WP_SITE_TITLE=WooCommerce Dev Site
-WP_SITE_URL=http://wooco.localhost:8000
+WP_SITE_URL=https://wooco.localhost:8443
 
 # Xdebug Configuration
 XDEBUG_MODE=debug

.github/workflows/docker-build-test.yml

@@ -38,6 +38,15 @@ jobs:
 
           cat .env
 
+      - name: Generate SSL certificates
+        run: |
+          mkdir -p ssl
+          openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+            -keyout ssl/key.pem \
+            -out ssl/cert.pem \
+            -subj "/C=US/ST=State/L=City/O=Development/CN=localhost" \
+            -addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
+
       - name: Build Docker images
         run: docker compose build
         timeout-minutes: 10
@@ -64,7 +73,7 @@ jobs:
         run: |
           # Check if WordPress responds
           response=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000)
-          if [ "$response" -ne "200" ] && [ "$response" -ne "302" ]; then
+          if [ "$response" -ne "200" ] && [ "$response" -ne "301" ] && [ "$response" -ne "302" ]; then
             echo "WordPress is not responding correctly (HTTP $response)"
             exit 1
           fi
@@ -210,7 +219,7 @@ jobs:
       - name: Test WordPress site accessibility
         run: |
           response=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000)
-          if [ "$response" -eq "200" ]; then
+          if [ "$response" -eq "200" ] || [ "$response" -eq "301" ] || [ "$response" -eq "302" ]; then
             echo "✓ WordPress site is accessible (HTTP $response)"
           else
             echo "✗ WordPress site returned HTTP $response"

.gitignore

@@ -1,6 +1,9 @@
 # Environment files
 .env
 
+# SSL Certificates (locally generated)
+ssl/
+
 # Docker volumes
 db_data/
 

Dockerfile

@@ -22,6 +22,13 @@ RUN apt-get update && apt-get install -y \
 # Install PHP extensions
 RUN docker-php-ext-install zip pdo_mysql
 
+# Enable Apache SSL module and rewrite
+RUN a2enmod ssl rewrite
+
+# Copy SSL configuration
+COPY ssl-config.conf /etc/apache2/sites-available/default-ssl.conf
+RUN a2ensite default-ssl
+
 # Install Xdebug (version depends on PHP version)
 # PHP 7.4: Xdebug 3.1.x
 # PHP 8.0-8.2: Xdebug 3.2.x

QUICKSTART.md

@@ -10,6 +10,7 @@ Get your WordPress + WooCommerce development environment running in 5 minutes!
 
 The script automatically:
 - ✅ Creates `.env` configuration file
+- ✅ Generates SSL certificates (HTTPS support)
 - ✅ Builds Docker containers with your chosen PHP version
 - ✅ Installs WordPress
 - ✅ Installs WooCommerce
@@ -20,13 +21,17 @@ The script automatically:
 
 ## Access Your Site
 
-- **Frontend**: http://wooco.localhost:8000
-- **Admin**: http://wooco.localhost:8000/wp-admin
+- **Frontend**: https://wooco.localhost:8443
+- **Admin**: https://wooco.localhost:8443/wp-admin
 - **PHPMyAdmin**: http://localhost:8080
 
 **Login**: admin / admin123
 
-**Note:** You can change the hostname in `.env` file.
+**Note:**
+- HTTPS is enabled by default with auto-generated SSL certificates
+- If you see a browser warning (self-signed cert), click "Advanced" → "Proceed"
+- Install [mkcert](https://github.com/FiloSottile/mkcert) for trusted certificates (no warnings)
+- You can change the hostname in `.env` file
 
 ## Add Your Plugin
 
@@ -89,12 +94,12 @@ docker-compose exec wordpress bash
 1. Install "PHP Debug" extension
 2. Press `F5` to start debugging
 3. Add breakpoints in your plugin code
-4. Visit: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname)
+4. Visit: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname)
 
 ### PhpStorm
 1. Settings → PHP → Debug → Port: `9003`
 2. Click "Start Listening for PHP Debug Connections"
-3. Visit: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname)
+3. Visit: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname)
 
 ## Sample Data
 
@@ -114,8 +119,8 @@ The environment includes all WooCommerce product types:
 - jane.smith@example.com / customer123
 
 **Quick Links:**
-- Products: http://wooco.localhost:8000/wp-admin/edit.php?post_type=product
-- Customers: http://wooco.localhost:8000/wp-admin/admin.php?page=wc-admin&path=/customers
+- Products: https://wooco.localhost:8443/wp-admin/edit.php?post_type=product
+- Customers: https://wooco.localhost:8443/wp-admin/admin.php?page=wc-admin&path=/customers
 
 ## Testing
 

README.md

@@ -41,15 +41,19 @@ That's it! The setup script will:
 
 After setup completes:
 
-- **Frontend**: http://wooco.localhost:8000 (or your configured hostname)
-- **Admin**: http://wooco.localhost:8000/wp-admin
+- **Frontend**: https://wooco.localhost:8443 (or your configured hostname)
+- **Admin**: https://wooco.localhost:8443/wp-admin
 - **PHPMyAdmin**: http://localhost:8080
 
 **Default Login:**
 - Username: `admin`
 - Password: `admin123`
 
-**Note:** `*.localhost` domains work without editing `/etc/hosts` on most systems. You can customize the hostname in `.env`.
+**Note:**
+- `*.localhost` domains work without editing `/etc/hosts` on most systems
+- HTTPS is enabled by default with auto-generated SSL certificates
+- If using mkcert, you won't see any browser warnings
+- If using self-signed certs, click "Advanced" and "Proceed" on the browser warning
 
 ## Project Structure
 
@@ -190,6 +194,45 @@ docker-compose up -d
 wp search-replace 'old-url.com' 'new-url.com' --allow-root
 ```
 
+### SSL/HTTPS Configuration
+
+HTTPS is enabled by default for secure local development. The setup script automatically generates SSL certificates.
+
+**Using mkcert (Recommended - No Browser Warnings):**
+
+```bash
+# Install mkcert (one-time setup)
+# macOS
+brew install mkcert
+brew install nss # for Firefox
+
+# Linux
+apt install mkcert # or your package manager
+
+# Windows
+choco install mkcert
+
+# The setup.sh script will automatically use mkcert if available
+```
+
+**Using Self-Signed Certificates (Fallback):**
+
+If mkcert is not installed, the setup script automatically generates self-signed certificates. You'll see a browser security warning - this is normal. Click "Advanced" and "Proceed" to continue.
+
+**Manual Certificate Regeneration:**
+
+```bash
+# Regenerate SSL certificates for a specific hostname
+./scripts/generate-ssl-certs.sh your-hostname.localhost
+
+# Restart containers to apply changes
+docker-compose restart wordpress
+```
+
+**Ports:**
+- HTTPS (SSL): `8443` (configurable via `WORDPRESS_SSL_PORT` in `.env`)
+- HTTP: `8000` (auto-redirects to HTTPS)
+
 ## Development Tools
 
 ### WP-CLI
@@ -223,7 +266,7 @@ docker-compose exec wordpress wp cache flush
 4. Add breakpoints in your plugin code
 5. Visit your site with `?XDEBUG_TRIGGER=1` in the URL
 
-Example: `http://wooco.localhost:8000/?XDEBUG_TRIGGER=1` (or your configured hostname)
+Example: `https://wooco.localhost:8443/?XDEBUG_TRIGGER=1` (or your configured hostname)
 
 #### PhpStorm
 
@@ -295,8 +338,8 @@ The environment includes these WooCommerce product types:
 - John Doe (john.doe@example.com / customer123)
 - Jane Smith (jane.smith@example.com / customer123)
 
-View products: http://wooco.localhost:8000/wp-admin/edit.php?post_type=product
-View customers: http://wooco.localhost:8000/wp-admin/admin.php?page=wc-admin&path=/customers
+View products: https://wooco.localhost:8443/wp-admin/edit.php?post_type=product
+View customers: https://wooco.localhost:8443/wp-admin/admin.php?page=wc-admin&path=/customers
 
 ### Adding More Sample Data
 

docker-compose.yml

@@ -31,10 +31,14 @@ services:
         condition: service_healthy
     ports:
       - "${WORDPRESS_PORT:-8000}:80"
+      - "${WORDPRESS_SSL_PORT:-8443}:443"
     volumes:
       # Mount entire WordPress directory for local development
       - ./wordpress:/var/www/html
       - ./scripts:/var/www/scripts
+      # Mount SSL certificates
+      - ./ssl/cert.pem:/etc/ssl/certs/cert.pem:ro
+      - ./ssl/key.pem:/etc/ssl/private/key.pem:ro
     restart: unless-stopped
     environment:
       WORDPRESS_DB_HOST: db:3306

scripts/generate-ssl-certs.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+set -e
+
+# Colors for output
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+RED='\033[0;31m'
+NC='\033[0m' # No Color
+
+HOSTNAME=${1:-wooco.localhost}
+SSL_DIR="$(dirname "$0")/../ssl"
+
+# Create SSL directory if it doesn't exist
+mkdir -p "$SSL_DIR"
+
+echo -e "${GREEN}Generating SSL certificates for: ${HOSTNAME}${NC}"
+
+# Check if mkcert is available
+if command -v mkcert >/dev/null 2>&1; then
+    echo -e "${GREEN}Using mkcert to generate locally-trusted certificates...${NC}"
+
+    cd "$SSL_DIR"
+    mkcert -install
+    mkcert "$HOSTNAME" "*.${HOSTNAME}" localhost 127.0.0.1 ::1
+
+    # Rename files to standard names
+    mv "${HOSTNAME}+4.pem" cert.pem 2>/dev/null || true
+    mv "${HOSTNAME}+4-key.pem" key.pem 2>/dev/null || true
+
+    echo -e "${GREEN}✓ Locally-trusted SSL certificates generated!${NC}"
+    echo -e "${GREEN}✓ No browser warnings will appear${NC}"
+else
+    echo -e "${YELLOW}mkcert not found. Generating self-signed certificates...${NC}"
+    echo -e "${YELLOW}Note: Browser will show security warnings (this is normal for self-signed certs)${NC}"
+    echo -e "${YELLOW}Install mkcert for trusted certificates: https://github.com/FiloSottile/mkcert${NC}"
+
+    # Generate self-signed certificate with openssl
+    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+        -keyout "$SSL_DIR/key.pem" \
+        -out "$SSL_DIR/cert.pem" \
+        -subj "/C=US/ST=State/L=City/O=Development/CN=${HOSTNAME}" \
+        -addext "subjectAltName=DNS:${HOSTNAME},DNS:*.${HOSTNAME},DNS:localhost,IP:127.0.0.1"
+
+    echo -e "${GREEN}✓ Self-signed SSL certificates generated${NC}"
+    echo -e "${YELLOW}⚠ Browser will show security warnings (click 'Advanced' and 'Proceed')${NC}"
+fi
+
+echo ""
+echo -e "${GREEN}SSL certificates created at:${NC}"
+echo "  Certificate: $SSL_DIR/cert.pem"
+echo "  Private Key: $SSL_DIR/key.pem"
+echo ""

setup.sh

@@ -96,6 +96,27 @@ load_env() {
     fi
 }
 
+# Generate SSL certificates
+generate_ssl() {
+    print_header "Generating SSL Certificates"
+
+    local hostname="${WORDPRESS_HOSTNAME:-wooco.localhost}"
+
+    # Check if certificates already exist
+    if [ -f "${SCRIPT_DIR}/ssl/cert.pem" ] && [ -f "${SCRIPT_DIR}/ssl/key.pem" ]; then
+        print_warning "SSL certificates already exist. Skipping generation..."
+        read -p "Do you want to regenerate them? (y/N): " -n 1 -r
+        echo
+        if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+            return
+        fi
+    fi
+
+    # Run the certificate generation script
+    bash "${SCRIPT_DIR}/scripts/generate-ssl-certs.sh" "${hostname}"
+    print_success "SSL certificates generated for ${hostname}"
+}
+
 # Build and start Docker containers
 start_containers() {
     print_header "Building and Starting Docker Containers"
@@ -313,6 +334,7 @@ main() {
     check_prerequisites
     setup_env
     load_env
+    generate_ssl
     start_containers
     wait_for_services
     install_wordpress

ssl-config.conf

@@ -0,0 +1,28 @@
+<VirtualHost *:443>
+    ServerAdmin admin@localhost
+    DocumentRoot /var/www/html
+
+    SSLEngine on
+    SSLCertificateFile /etc/ssl/certs/cert.pem
+    SSLCertificateKeyFile /etc/ssl/private/key.pem
+
+    <Directory /var/www/html>
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+
+# Redirect HTTP to HTTPS
+<VirtualHost *:80>
+    ServerAdmin admin@localhost
+    DocumentRoot /var/www/html
+
+    # Redirect all HTTP traffic to HTTPS
+    RewriteEngine On
+    RewriteCond %{HTTPS} off
+    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
+</VirtualHost>