With the recent release of the SSLSniff tool, other various privacy issues, and the need for security culture amongst activists, running our activist websites in a secure manner is increasingly important.  One of the ways that you can dramatically and easily increase the security and privacy of your server is to enable Secure Sockets Layer (SSL) for all of your clients, all of the time. 

The problem with only enabling SSL some of the time is twofold.  The first benefit is that your readers and end-users may not want everyone else on the net to know what they are reading, even if it is not traditionally sensetive material (i.e. passwords, etc.)   Some users of hackbloc may not want the other people on their lan to know anything about what they are reading (other than where it comes from of course).  This technique however will not prevent attacks like SSLSniff from working.

Hackbloc already uses this technique, if you look above you will see that you are at an https website!  So how do we enable this technique?  Simple, just copy and paste the following code into your .htaccess file:

RewriteCond %{HTTP_HOST} ^hackbloc\.org$ [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://hackbloc.org/$1 [L,R=301]

Of course, you will need to make sure that you have mod_rewrite enabled on your server.  But that is all you need!  There is one downside to this, if you do not have a certificate from a major cert company, your firefox using visitors will receive this lovely error screen.  Unfortunately there is no way around this other than getting a certificate from a major authority, or pestering the mozilla foundation into adding cacert.com to their root certificates.  So get to it!