By default GitHub Pages are served over HTTPS but not if you want to use your own domain name. If you are using GitHub Pages to host your website and especially if your website generates sensitive information such as passwords then you need to take some steps to protect it.
- First you need to sign up for Cloudflare which is a service that acts as a proxy between your visitors and your hosting provider.
- Once you signed up add your domain name.
- Cloudflare will generate some custom records that match your domain registrar’s records.
- Go to your domain registrar’s website and change the domain name servers to those that Cloudflare provided.
- Go to Cloudflare Settings and switch from SSL to Flexible SSL.
That’s all! Just wait a few hours for the changes to take effect.
Then you’ll be able to visit your website using
A final step you might want to take is to optimize your website for search engines. Google is using https as a ranking signal in its search ranking algorithms.
canonical link in your website’s
head that points to the
https version of your website.
_config.yml and add the following: