I had to do it eventually. My security expert credentials (such as they are) were coming under question from my lack of https on my web server. This was partly due to that until recently it would have required additional expense, as additional IPs would been needed and also SSL certificates. Not so anymore! Let’s Encrypt is a great service where you can get free SSL certificates for your website, although I highly recommend giving a small donation if you are able. At this point I would normally write a blog post detailing how I setup the service for my server and websites. However as I run my server on Bytemark’s Symbiosis I didn’t have to do anything other than turn it on. All config done automatically, I did add a file named ‘ssl-only’ to the ‘config’ dir of my hosts to ensure that all traffic is redirected to https. I would have done it sooner but I needed to upgrade the OS on my server and in order to do that I needed to check backups and all that stuff that you should do anyway.