I use GitHub Pages to host this blog - it uses Jekyll which allows me to write posts in Markdown, and yet it’s flexible enough so that I can embed
GitHub Pages are typically hosted on a subdomain of github.io, such as https://keanulee.github.io. You can also setup your own custom domain, which allows my blog to be hosted at http://blog.keanulee.com.
See the difference?
One disadvantage of using a custom domain is tha your page will no longer work over HTTPS. This is because the GitHub servers only has a SSL certificate that covers *.github.io domains, not keanulee.com or any of its subdomains.
Web developers should care about HTTPS. It protects the information submitted by users, it protects the website from man-in-the-middle attacks, and it can even improve your search rankings. Some APIs, such as the Uber API I used in the Welcome to Polymer post, require the origin to be an HTTPS site.
For those interested, this Google I/O 2014 talk explains why HTTPS is important.
The observant reader should realize that this post is in fact served over HTTPS, so how did I make this work? CloudFlare, a DNS and CDN service provider, offers a feature called Universal SSL that secures the connection between your users and CloudFlare’s user. You don’t even need to purchase your own SSL certificate - CloudFlare will provide a wildcard certificate that works for all your subdomains.
- Sign up for CloudFlare with your domain.
- Go to your domain registar’s website, and update your nameservers to point to the one provided by CloudFlare.
- On CloudFlare, go to your domain’s DNS settings and create a CNAME record that is an alias of “<user/org name>.github.io”. For example, I have a CNAME record for “blog” that is an aliad of “keanulee.github.io”. (Instructions on GitHub)
- On CloudFlare, go to your domain’s ClouldFlare settings and set the SSL setting to Flexible SSL.
- On the root of your GitHub repository, create a file named “CNAME” that contains just the the your hostname. For example, the CNAME file for this blog contains:
It’s important to note that this setup is not fully secure - the connection between CloudFlare and GitHub pages is not secured. Since GitHub doesn’t have a SSL certificate for your domain, Full SSL is not possible with a custom domain. However, this setup does provide some protection your users (e.g. from the hacker on the same unsecured Wi-Fi network), and it allows your site to behave as if it has SSL (e.g. for web crawlers, APIs).