OK, I got it. It's a great idea to encourage people to use HTTPS everywhere and using Letsencrypt is a good way to do it.
A couple of points:
1) I see no mention of renewing certificates.
Having installed a Letsencrypt certificate it will expire after three months and you won't be able to get into your site. One can either renew the cert manually every three months or automate it. I have a weekly cron job that runs the "certbot renew" command. It also stops my nginx server before the renew and then starts it again.
Aside: I got a call in the early hours of this morning telling me that our site was inaccessible. Turned out my cron job failed to renew the cert! I had been running it daily and Letsencrypt has a rate limit on renewals. I hope running it weekly is better.
2) It talks about having both http and https versions of the site available. This is a bad idea and should be discouraged.
If you care at all about security, even if it is only to stop random people turning the LEDs connected to your Pi on and off, then having HTTP available awell is a security hole. It's like having two front doors on your house, side by side, one with a lock requiring a key to open it and one that is left open all day long!
If you don't care about security then why are you bothering with HTTPS in the first place?
3) Having HTTPS in place is a good start but it's only the beginning of ensuring your web server is secure.
There are a ton of other things to do to make things secure. Depending on what server and other software you are running and what you are doing. For example have a look at the website security checklists one finds around the net:
For example this lengthy check list, any and all of which could apply to your situation:
https://www.owasp.org/index.php/Web_App ... heat_Sheet
4) Interestingly this article about securing a site with HTTPS is on a site that is not secured with HTTPS. Also running Wordpress!
Memory in C++ is a leaky abstraction .