Tue 08 September 2020 by Jim Purbrick

Before my recent post about leaving Facebook, it had been a while since I’d updated The Creation Engine and it turned out I had some housekeeping to do. After pushing the Pelican output to I got a mail from GitHub saying that I needed to update the DNS records to point to a new set of IP addresses and while doing that I noticed that GitHub now supports HTTPS for GH-Pages hosted sites.

After the DNS changes had propagated I loaded up and saw that a lot of the styling was broken. The issues tab in Chrome’s Inspector revealed which resources were still being loaded over HTTP and it only took a few minutes editing the Pelican configuration and some of the templates to make the site use relative links and load externally hosted images and CSS over HTTPS.

A few minutes after that the changes were pushed to GitHub and loaded without any broken styling or HTTPS issues in Chrome inspector and with a reassuring padlock in the address bar. While it’s unlikely that serving a personal static blog over HTTP would have caused any problems with eavesdroppers or man-in-the-middle attacks, I’m happy about being a good citizen and promoting safe and secure habits on the web.