DEV Community

loading...

HTTPS Everywhere ! (Or at least on your website(s))

valentinpearce profile image Valentin Pearce ・1 min read

Originally posted on 2017-10-24 on my self-hosted WIP Blog

You might have noticed this website is encrypted !

This is because with the recent release of KRACK, the WPA2 vulnerability, I decided to setupt what I had tried to four months ago (see my previous post)

Last time, the process was difficult since my OS (Raspbian) was missing some dependencies and I had to fiddle with repositories lists to install software written for Debian.
I had no idea what I was doing and decided it was best not to continue.

This time on the other hand, I discovered certbot ! This Let's Encrypt client made it so much easier. This is how the process went :

  • Download certbot
  • RTFM
  • Run certbot
  • Fail because you haven't redirected port 443 to your server
  • Spend half an hour trying to remember your router's password (and fail)
  • Ask your network admin (aka Dad) for the password
  • Redirect port 443
  • Run certbot
  • Have a cup of tea and some biscuits to celebrate !

It's as easy as that ! So really, if you have a web server with self hosted apps, don't hesitate and encrypt everything !

Cheers !

Alzaï

Discussion (2)

pic
Editor guide
Collapse
chiangs profile image
Stephen E. Chiang

Certbot and let's encrypt really is awesome. Have a look at my post here to see if it's of any value to you too: article

Collapse
valentinpearce profile image
Valentin Pearce Author

I haven't used AWS services at all for now but it will probably allow me to experiment without putting my small server at risk.

I think if anybody needs more incentive to move towards SSL/HTTPS, the Chrome July Update should make that an evidence.