Serving Github Pages over HTTPS using Cloudflare

2 minute read

It’s official, cypher.codes is now served over HTTPS!

Since Github pages doesn’t support serving sites with custom domains over HTTPS, I naïvely didn’t think it was possible. But some carefully crafted search queries surfaced a Cloudflare tutorial to do just that.

This website is now encrypted between the user (you) and Cloudflare, and between Cloudflare and Github. I trust both these companies so I’m pretty pleased with this setup.

The whole migration (if you can call it that), including setting up a free Cloudflare account, changing domain nameservers and setting up the correct page rules, took less than an hour. And that included a phaff where I changed nameservers for cypher.cool mistake. I highly recommend every Github Pages user follows the steps in the link above.

Interestingly, I think(?) the certificate Cloudflare provides to cypher.codes visitors is shared with other other fun domains. (One of them an online casino, another a Russian porno torrent service).

Domains for which my Cloudflare certificate is valid

So Fast, So Secure

A nice added benefit is that Cloudflare automatically minifies your text assets (JS, CSS and HTML) and caches your content at it’s edge nodes (after all, they are a CDN) so you can expect the website to be smaller and quicker! Also, if someone tries to DDOS me, I should be better off.

In other news, I should win the award for the most verbose blog post title, right?


Update (May 6, 2018): As of May 1, 2018, GitHub pages supports HTTPS for custom domains! Today, I migrated cypher.codes off of Cloudflare’s HTTPS certificates and onto GitHub’s Let’s Encrypt HTTPS certificates. This migrate included a couple of minutes of unexpected downtime.

However, I’m still using Cloudflare for other security-related features (like DNSSEC)!

background Layer 1