A.K.A.
@AlexanderESmith
@AlexanderESmith
There’s no need to encrypt this data. Any entity that is watching you knows how to see the domains you visit, and everything on this site is on the main page, or a click away from it.
An SSL here is nothing more than security theater, or marketing.
I might have missed it, but it doesn’t look like their site accepts payment data, or has a login of any kind.
Why would the lack of SSL concern you?
Agreed on all counts.
My reply initially had a “if you had a fleet of these things…” addendum, but OP’s post read (to me) as though he was converting commodity hardware into a makeshift home server, so I removed it because it was almost certainly not relevant.
You’ll waste more time trying to figure out how to do this than it would take to move a monitor and keyboard to the server, do the install, and plug the monitor and keyboard back into your main computer. Once the server is up, you can administer it over the network via ssh.
“Best practice” isn’t a catch-all rebuttal. Best practices are contextual. I’m keen to see your justification for encryption beyond “all sites should encrypt everything always”.
My assertion is that this isn’t necessary in this case. Why do you think that it is necessary to encrypt open-source, freely available, non-controversial site content?