HTTPS on Custom Domain
Opened this issue · 3 comments
Hi,
Noticed your documentation went all the way up to using custom domains w/ Github Pages. However, there's one more pretty important step that you might have missed out - Getting to HTTPS with the custom domain.
How about LetsEncrypt with Kloudsec CDN?
Full disclosure: I work at Kloudsec
Since the origin doesn't support https, wouldn't this essentially be a cloudflare-style MITM attack?
Hah, we call it man-in-the-middle act of security. That said, you are right. The encryption only happens from Custom Domain <-ENCRYPTED-> Kloudsec's Anycast Network <-NORMAL-HTTP-> Github.
But hey, if you live in a country that doesn't give a shit about your privacy like I do. Any HTTPS is better than none.
That is not to say we do not support full-stream encryption. But it requires another step of integration on the origin server.
In this case, we can't configure Github so..
I think that could be done with CloudFlare as well.
Disclosure: I do NOT work at CloudFlare