
Why No HTTPS? - taytus
https://www.troyhunt.com/why-no-https-heres-the-worlds-largest-websites-not-redirecting-insecure-requests/
======
austincheney
In my case I cannot use a cert from one of the free providers, because
installation requires root access. I do not have root access on my managed
server. This is probably intentional so that my server host can charge money
for a Comodo cert. I could leave my host and put my site on as a free
github.io site or put it into Amazon or something like that.

Aside from the costly cert, which I actually DO NOT need, I really like my
current host. In the meantime this means I will continue to serve insecurely
over HTTP.

Why do you ask that I absolutely DO NOT need HTTPS. It is because my site is a
web productivity application written in JavaScript. It runs in the browser (or
command line) and saves all data in the browser. No user information is sent
back to the server and no personalized data or content is sent from the
server. This said my site is more secure over HTTP than most every other site
over HTTPS.

~~~
roneythomas6
You can use cloudflare or any other CDN that offers SSL. With Cloudflare you
don't need to install root certificate.

