Over two and a half years ago, when Let's Encrypt launched their free SSL certificate services, I signed up to them,  generating a SSL certificate for chuacw.ath.cx so that this site can run on SSL.

Since then, I've made slight modifications on this site in an incremental manner so as to add functionality to make it SSL-compatible, while ensuring the site still works when retrieved using HTTP.

Since yesterday, I've made the final transition to switch this site to SSL, by adding the following piece of C# code into Global.asax in the site's root directory.

<%@ Application Language="C#" Codebehind="Global.asax.cs" Inherits="CommunityServer.Global" %>

<script runat="server">

protected void Application_BeginRequest()
{
    switch (Request.Url.Scheme)
    {
        case "https":
            Response.AddHeader("Strict-Transport-Security", "max-age=3542400");
            break;
        case "http":
            String path = "https://" + Request.Url.Host + Request.Url.PathAndQuery;
            Response.Status = "301 Moved Permanently";
            Response.AddHeader("Location", path);
            Response.End();
            break;
    }
}

</script>