Even if your site doesn’t collect customer data or process transactions, it’s still responsible internet citizenship to ensure that traffic to it is encrypted. I’ve been lax in doing that, but I finally got around to it: this site is henceforth HTTPS-only. Here’s a server test.
You should see little difference except for a padlock in your browser’s address bar. I also took the opportunity to offer HTTP/2 and HSTS, if your browser supports them. Let me know if you have any problems.
I’d like to thank Rys Sommefeldt for his advice on certificates. I can highly recommend Let’s Encrypt if you want to secure your own site (you should), and indeed the nginx web server, which makes most of the above stuff almost trivially easy. For hosting, as ever, I’m with Linode.