A little HTTPS for all

One downside of running a self-hosted WordPress site has been the lack of encryption with I’m logged in. This means my login credentials are sent in the clear across the Internet with who knows what three letter agencies and not so innocent folks potentially listening in. This is probably a major reason why I rarely blog when I travel.

Not any longer: this site is now fully SSL enabled. All HTTP traffic is now redirected to its HTTPS equivalent even for normal, every day visitors, however few there are.

Many thanks to this Digital Ocean tutorial for describing how to configure SSL certificates and for some semi-ancient knowledge from my early days on the Dyn tech support team when we were SSL certificate resellers.  It by and large went very smooth, with only a few minor hiccups that are probably due to my lack of experience than the tutorial.

Now to experiment with TLSA records…

Update: Thanks to some tweaking with my config, this site now receives an A+ on the Qualys SSL Labs test.