Easy! That’s what it is. No excuses anymore! Just because I was feeling like it, I decided to make this website a bit more „secure“ (even tough you might argue, that this might not be necessary for a personal blog ;). Well, I did it because it was done in no more than 30 minutes.

Let me lay down the steps:

1. you get an ssl certificate for your domain. I got mine from StartSSL. They offer free class 1 certificates you can use for your server.
2. you install your certificate in your Apache2 webserver. I used a tutorial I found on google.
   1. One amendment to this point: don’t forget to add your CA and intermediate CA certificates. When using StartSSL follow this tutorial.
3. you get mod_spdyfrom the google developers page and follow their excellent tutorial to install it with your server.
   1. Another amendment: when using mod_spdy and want to serve PHP files. Please make sure you do not rely on mod_php to do that, as it is not thread safe and thus is incompatible with mod_spdy. I configured mod_fcgid to serve the php files as descirbed in this tutorial.

Three steps. That’s all there is to do. Easy. Isn’t it? Even you could do it. So let’s make the web a safer place. Use this crypto stuff. It doesn’t hurt (any more).

If you got questions or remarks feel free to comment or send me an email!

Another remark:

For those hosting their own piwik installation (as I do), you do not want to have this installation being reachable only via http when securing your page with SSL as this (obviously) breaks your tracking. So make sure, the piwik tracking code can also be reached via https with a valid certificate.