Security.md

🐳 Security

⭐️ GOAL: Learn more about HTTPS, SSL, and how to keep your projects secure using environment variables.

⏰ Agenda

• [20m] Activity: Blog Brainstorming
• [10m] Discuss: Share Your Ideas
• [20m] Investigate: Let's Encrypt
• [10m] BREAK
• [20m] TT: HTTPS and Environment Variables on CapRover
• [15m] Demo & Mini-Challenge: Enable HTTPS on CapRover
• [25m] Lab Time: Blog Post, Project, or Presentation

🏆 Objectives

1. Compare and contrast HTTP and HTTPS.
2. Enable HTTPS on your CapRover applications.

[20m] Activity: Blog Brainstorming

Work on brainstorming potential titles and subjects for your final blog post in a breakout group. Remember, it's due next week!

Write down and decide on your favorites. We'll discuss them later in class!

[10m] Discuss: Share Your Ideas

The instructor will ask students to share one idea each.

[20m] Investigate: HTTPS & Let's Encrypt

Overview

Activity

In breakout groups, use the CapRover Documentation and the Let's Encrypt documentation to answer the following questions:

1. What is Let's Encrypt?
2. Who uses it?
3. Why is it important?
4. How does Let's Encrypt relate to CapRover?
5. Should you always use HTTPS in your applications?

[10m] BREAK

[20m] TT: HTTPS and Environment Variables on CapRover

Use the CapRover Documentation to highlight the steps to configuring HTTPS and environment variables on a CapRover instance.

[15m] Demo & Mini-Challenge: Enable HTTPS on CapRover

1. Navigate to the Apps page on your CapRover dashboard.
2. Select the first app you deployed.
3. Click the Enable HTTPS button on the HTTP Settings page.
4. Check the Force HTTPS by redirecting all HTTP traffic to HTTPS checkbox.
5. Click Save & Update.
6. Repeat for the second application you deployed!

[25m] Lab Time: Blog Post, Project, or Presentation

Use the remainder of class time to continue working on your final project, due next Friday!

📚 Resources & Credits

• Let's Encrypt
• CapRover Documentation