Xiaoz Blog Fully Enables HTTPS Across the Site

Back in September, Xiaoz Blog already enabled HTTPS support (Xiaoz Blog Enables HTTPS Support, Welcome to Test), but it was not fully enabled at that time, and HTTP access was still available. However, after several months of testing and consideration, we have now decided to fully enable HTTPS, both for security and to show off.

1. Challenges Encountered

Fully enabling HTTPS brought compatibility issues that were quite troublesome. Previously, the blog used an architecture of intelligent resolution plus Nginx reverse proxy, but we found that HTTPS on CDN nodes was problematic. After weighing the options, we temporarily abandoned this architecture.

Additionally, the blog has always used Qiniu Cloud Storage to host static resources. Although Qiniu supports HTTPS, web fonts (.ttf, .woff) displayed as garbled text, which prevented full HTTPS enablement for a long time. However, after communicating with Qiniu customer service, we successfully deployed SSL on our bound domain (https://pic.bsdev.cn), and the web font garbled text issue was resolved.

Domestic sharing buttons seem to not support HTTPS, so we had to remove the analysis buttons and only kept a sharing button rewritten using the official Weibo code.

2. Next Steps

With search engines placing increasing importance on HTTPS and security considerations, HTTPS is inevitable (although I did it partly to show off). The blog has also been tested on PHP7, and there are still a few compatibility issues in some areas, but they are currently being debugged. It is expected that the blog will soon be deployed to PHP7, which should significantly improve performance. Stay tuned, and thank you all for your continued support. Happy New Year!