Last night I secured this site using certificates from Let’s Encrypt. I’ve been meaning to do this for a long time, but since the site has no interactivity I wasn’t worried about any potential security risks.
That was until I migrated from Jekyll, which produced a static site, to Statamic, which generates pages dynamically and also provides an admin interface. Since this admin interface is accessible through the web, it is worth securing the site – if only for my own benefit.
The site is hosted on a virtual private server I share with some friends, and which I access via SSH. (There’s no GUI to speak of.) At the suggestion of those friends, I used the acme.sh script to issue certificates. It was a simple process to set up and I am hopeful that the certificates will be automatically renewed in 30 days.
If you notice any weirdness in the next few days or in about a month from now, let me know. It’s probably something related to this.