From Zero to Production: Hosting a Secure Site on GitHub Pages with a Custom Domain (for Free)

Platform & Delivery · GitHub Pages · DNS · HTTPS · Personal Platform

I built and deployed my personal platform (JCX360.com) using GitHub Pages, a custom domain, and HTTPS — all without paying for hosting.

What surprised me wasn’t how powerful the setup is, but how many small, non-obvious steps are required to get it right. I’ve already had several friends ask how I did it, so here’s a practical, end-to-end guide based on real-world experience.

This isn’t a marketing checklist — it’s the exact workflow I used, including the common pitfalls.

Why GitHub Pages + Custom Domain?

For architects, consultants, and engineers, this setup is ideal:

Free static hosting

Built-in global CDN

Native HTTPS via Let’s Encrypt

Tight integration with GitHub workflows

Perfect for blogs, portfolios, documentation, and technical platforms

High-Level Architecture

At a high level, the setup looks like this:

Domain Registrar → DNS (A + CNAME) → GitHub Pages → TLS Certificate → Static Site

Simple in theory. Finicky in practice.

Step 1 — Create Your GitHub Pages Repository

Create a public GitHub repo
Add an index.html at the root
Go to: Settings → Pages
Set Source = main branch
Confirm your site works on github.io

Step 2 — Add a Custom Domain in GitHub

Settings → Pages → Custom domain
Add: yourdomain.com
GitHub will create a CNAME file automatically

Step 3 — Configure DNS (The Critical Bit)

A Records (root domain):

185.199.108.153
185.199.109.153
185.199.110.153
185.199.111.153

CNAME for www:

www → <username>.github.io

Step 4 — Wait for DNS Propagation

This is where most people panic. DNS can take minutes or hours. Until it’s correct:

HTTPS will be unavailable

You may see certificate errors

GitHub will show “DNS check in progress”

Step 5 — Enable HTTPS

Once GitHub shows DNS check successful, you can:

☑ Enforce HTTPS

GitHub will automatically issue and bind a TLS certificate.

Common Pitfalls (I Hit These)

Incorrect A records

CNAME pointing to wrong repo

HTTPS unavailable until DNS is 100% correct

Browser caching old cert errors

Confusion between apex and www domains

Why This Matters Beyond a Personal Site

This pattern mirrors real enterprise platform design:

CDN-backed static hosting

DNS + TLS automation

Infrastructure as configuration

Zero-infrastructure operational overhead

Final Thoughts

What I like about this approach is that it combines strong architecture principles with delivery pragmatism and security by default — without overengineering.

It’s a great lightweight pattern for personal platforms, technical blogs, documentation, and internal portals.

← Back to Series Home →