I just noticed that this website doesn’t support TLS even though it’s hosted on CloudFlare. I’m not a big fan of them but they provide really basic stuff that every modern website needs to have such as TLS support, HSTS and DNSEC. And of course there’s Let’s Encrypt that provides free automated certificates.
Not only all this is important security fixed but also they significantly improves the privacy of the users.
Can we pretty please have HSTS and DNSEC enabled?