I setup my github pages hosted blog site (this one) to be running HTTPS by using Cloudflare. There is no cost involved.


I used this article Cloudflare blog but didn’t setup any rules yet. The concept is that Cloudflare registers a certificate for you for free.


Point DNS to Cloudflare

I use DNSimple to register my domain name then pointed it’s DNS to Cloudflare. DNS

Enforce HTTPS via Cloudflare

I want all and traffic to resolve to Under the Crypto tab on Cloudflare SSL

Turn off Injected Javascript (Email Address Obfuscation)

By default you will get an injected javascript file on all pages to help email addresses be obfuscated called email-decode.min.js. No thank you. In the Scrape Shield menu option. SSL and server side excludes I turned off too.

Don’t use Cloudflare’s Cache

We can disable it for 3 hours like this SSL Or disable it completely using a page rule: Rule