I decided to bite the bullet and obtain an SSL certificate and install it on this VPS, and configure Apache2 to use HTTPS instead of plain HTTP.

I used Fasthost again to obtain the SSL certificate, and some of their instructions were a little dodgy regarding the steps to install it and get Apache to work with SSL. I managed in the end though.

gm4slv.org.uk now has a SSL certificate and connections to port 80 HTTP will be automatically redirected to port 443 HTTPS.

The steps with Apache (ignoring the process of obtaining the certificates):

There are 3 certificate files:

1. *.key is generated on the VPS itself with

   openssl req -new -newkey rsa:2048 -nodes -keyout gm4slv.org.uk.key -out gm4slv.org.uk.csr 

2. the signed *.crt file obtained from the signing authority via FastHost (it's the gm4slv.org.uk.csr key signed by the authority's key)
3. the “intermediate” file obtained from the signing authority via FastHost (this is the “chain of authority” file?)

Once the keys are to hand:

1. copy the 3 certificate files to a directory on the VPS. I used /usr/local/ssl/
2. tell Apache where to find the keys:
   • add to default-ssl.conf virtual host site file
     • SSLCertificateFile /usr/local/ssl/signed.crt
     • SSLCertificateKeyFile /usr/local/ssl/gm4slv.org.uk.key
     • SSLCertificateChainFile /usr/local/ssl/ca.pem
3. add ssl mod to Apache:

    a2enmod ssl 

4. make symbolic link in sites-enabled pointing to sites-available/default-ssl.conf
5. restart apache
6. open VPS firewall port 443 in FastHost control panel
7. browse to https://gm4slv.org.uk
8. set up redirect of plain HTTP to SSL HTTPS by adding to 000-default.conf

       ServerName gm4slv.org.uk
       ServerAlias www.gm4slv.org.uk
       Redirect permanent / https://gm4slv.org.uk/

9. restart apache

Job Done