The cave gets HTTPS
28th August, 2016
Anth's Computer Cave is now using HTTPS in the main areas. This is the green padlock in your browser's address bar that indicates you are actually connected to the Cave, and that the connection is encrypted. The Internet is moving towards a time when all sites will need to be HTTPS-enabled to protect their visitors from various online threats.
If you have arrived at the Cave from an old link you may be reading this page using plain old HTTP, so you won't see the padlock yet. If so, click here to reset the page.
I've put this off for a while because the traditional options for obtaining HTTPS certificate are quite expensive when, like me, you run more than a few websites. In Aussie dollars you're looking at around $60 per site for the most basic certificates, and that's per-year. In the past there have been options to get free certificates that provided secure encryption, but weren't recognized by many browsers. This meant some users received warnings when they visited your website, which is obviously the last thing you want.
The free solution I recently discovered is Let's Encrypt, a tool to generate and validate your own certificates that work with all the major browsers including Chrome, Firefox, Internet Explorer and Microsoft Edge.
You may find Let's Encrypt a bit daunting at first-glance, but once you get one site up-and-running you'll know exactly what you are doing the next time.
The main issue I had was adding cerificates to a shared-hosting server where I did not have root access. I found a great tutorial at GlynRob that showed how to generate and validate your certificates on another Linux computer at home, then copy them to the hosted server. It takes about ten minutes once you get the hang of it.
We've still got some testing to do, and we haven't converted some of the sub-domains yet. Once they're done, we'll start automatically redirecting people visiting from older HTTP links over to HTTPS.
If you have any issues with the new system, or you want to share your experiences configuring certificates, I'd love to hear from you in the comment section below.