Https isn't just for e-commerce - making my blog https for free with cloudflare


#1

I recently switched my wordpress blog hosted here to https and have written about it here https://mashe.hawksey.info/2014/12/protecting-your-self-hosted-wordpress-from-threats-and-securing-with-httpsssl-for-free-with-cloudflare/ But why use the same security as banks and e-commerce sites for my blog? Here’s the quote I use in the piece:

Having cutting-edge encryption may not seem important to a small blog, but it is critical to advancing the encrypted-by-default future of the Internet. Every byte, however seemingly mundane, that flows encrypted across the Internet makes it more difficult for those who wish to intercept, throttle, or censor the web. In other words, ensuring your personal blog is available over HTTPS makes it more likely that a human rights organization or social media service or independent journalist will be accessible around the world. Introducing Universal SSL


#2

This remains a great tutorial for folks that want to use Cloudflare, however I figured I’d resurrect the thread to point out that we now offer free SSL certs courtesy of Let’s Encrypt and we have a guide on that at http://docs.reclaimhosting.com/miscellaneous/installing-free-ssl-certificates. The whole process has gotten incredibly easy thankfully.


#3

I’ve used the LetsEncrypt with the help of Tim to secure a Moodle installation that I have and will also be setting it up on my blogs as well. There are advantages to using LetsEncrypt over CloudFlare (and disadvantages of course) in terms of control of your domain and DNS.


#4

Adding this to my “round TUIT” list, thanks @timmmmyboy!


#5

I remembering my making 'Round TUITs" for my parents in grade 4/5 with Mrs. Parker. Thanks for the memory.


#6

I know this thread is old, but it’s what came up when I looked for “how to force http to https” - is an .htaccess file the preferred method here or is there another way I should be doing this on my reclaim site?


#7

.htaccess is the way to go, and there’s even an article for it with more clear guidelines :slight_smile: Force HTTPS for your site


#8

derp I just saw Timmyboy’s post for this at that post, sorry!