Ask HN: Encryption for blog posts on static sites?

10 points by dhruvkar ↗ HN
Is there a simple way to add encryption to a static site (e.g. hugo, jekyll etc.) and it can be decrypted on the browser without a backend?

This would be for something like a personal journal or close-friends only blog posts while keep the rest of the site open.

14 comments

[ 3.9 ms ] story [ 45.2 ms ] thread
Wouldn't adding a lets encrypt certificate to enable https do exactly that?
hmmm, I phrased the question incorrectly I think. Bear with me, I may not have the right vocabulary for this:

Let's say I have a blog post. I want it scrambled (encrypted) unless a password is entered on the client side so it can be read. I would give out the password to specific people only, who'd be able to read it.

Could an SSL certificate be used for that?

No, you'd probably need some Javascript.

But why not this: publish the blog post the normal way and configure the web server to only serve it to people with a proper username/password (HTTP Basic Authentication).

All browsers and web servers let you do that.

For Apache, see this example: https://httpd.apache.org/docs/current/howto/htaccess.html#au...

want it for a static site, no access to the backend. I dont want to run a full blown website, just want access control. possible?
Sure, if your web hoster allows .htaccess files (most do). You just put that file next to your HTML files.
Have you ever hosted something github pages or netlify? Those are the situations I'm talking about, where an htaccess or any server side access control wouldn't work.
No, I haven't. But since you did not tell anyone about that requirement, how was I to guess it?
You're right. I assumed mentioning static site with Hugo or Jekyll was enough.

To clarify, it would be a static site with hosting on something like netlify or github or gitlab pages, where you don't have access to the server.

Encryption can be broken offline. You may want to put a server in front of it to block access to the raw encrypted material.

That said, I'm using the Stanford JavaScript Crypto Library on https://github.com/gabrielsroka/gabrielsroka.github.io/blob/...

What about authentication? Maybe putting it on a Google doc and sharing it with certain people?

Thanks! Don't need authentication, these are just personal blog posts. If I go down that route, might as well set up a server.

The crypto library and the html snippet are helpful, thanks!

Just a pointer, but something like Plainsight[1] may give you some ideas.

You could agree on a source text with your friends in an out-of-band way, then everyone just has to go and download whatever book/song/etc that you agree on in order to decode your articles.

Anybody who isn't 'in-the-know' will just see gibberish.

[1] https://github.com/rw/plainsight

This is very close to what I was looking for, thank you!