As a security architect, I take website security and performance seriously. Recently, I migrated my site off Squarespace and implemented HTTPS to ensure all traffic is encrypted and visitors are protected.
Part of that process was evaluating how best to enable HTTPS and long-term certificate management. Many providers offer free certificates, but often with the requirement to manually renew or reconfigure every few months. After evaluating options, I chose Cloudflare’s free plan because it provides:
- Automatic, always-up-to-date SSL/TLS certificates (no manual renewals required).
- Built-in HTTP-to-HTTPS redirect support.
- Additional protections such as DDoS mitigation and global CDN caching.
- Performance improvements from traffic optimization at the edge.
For a personal or small business site, getting this level of security and performance without cost is remarkable. Other providers have partial offerings, but Cloudflare’s breadth of features stood out during my evaluation.
Key security decisions I applied:
- Fully encrypted traffic with HTTPS (via Cloudflare) to eliminate eavesdropping risks.
- Automatic HTTP-to-HTTPS redirects to ensure all requests are secure.
- Clean DNS records to reduce potential attack surfaces.
- Verification that all server logs and analytics (GoAccess) still function correctly.
In addition, I made a conscious choice to:
- Eliminate all third-party scripts and analytics to maximize privacy and reduce potential security vulnerabilities.
- Optimize performance by removing external dependencies, resulting in faster load times.
These decisions have led to measurable results:
- Perfect performance — Lighthouse scores of 100/100 across mobile, desktop, accessibility, best practices, SEO, and performance when testing the canonical URL www.justingengo.com.
- Enhanced privacy — no third-party scripts or analytics are used, so visitor data is fully under control.
- Increased security — reducing external dependencies minimizes potential attack vectors.
Note: Testing the non-canonical domain (justingengo.com) results in slightly lower performance scores due to necessary redirects to the canonical URL. This illustrates how even minor redirects can affect performance metrics, and why proper URL canonicalization and redirect management are important for both speed and SEO.
Achieving a perfect Lighthouse score is challenging. It requires careful design choices and deliberate trade-offs. For example, to reach 100/100, I removed all third-party scripts and analytics. While this makes the site faster, more secure, and more private, it also means sacrificing some convenience features like embedded widgets or tracking metrics.
All of this is built on my own custom mini-CMS, created with .NET C# MVC. The system includes a dynamic subdomain and subweb structure: a single code base generates a structured site in which new subwebs can be added with no additional coding, and they all automatically maintain 100% scores for SEO, accessibility, and performance. This demonstrates the power of clean, secure, and scalable coding practices under my control.
Here’s a screenshot of my Lighthouse report for the canonical URL, showing all categories at 100/100:
For anyone running a website, implementing HTTPS and designing with privacy and performance in mind isn’t just best practice — it’s essential. With providers like Cloudflare offering SSL, CDN, and security protections entirely free, the barriers to doing so are lower than ever.